r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5e46725831d8d722872bf68d752f4c5
cf37793a1b73e3f84fe6c37fb27382c83b49dbc0
0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2173
Expires: Thu, 26 Jan 2023 16:28:40 GMT
Date: Thu, 26 Jan 2023 15:52:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8617
Expires: Thu, 26 Jan 2023 18:16:04 GMT
Date: Thu, 26 Jan 2023 15:52:27 GMT
Connection: keep-alive
orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded
23.227.38.32302 Found 0 B URL HTTP/1.1 orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded
IP 23.227.38.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded HTTP/1.1
Host: orgain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 26 Jan 2023 15:52:27 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sorting-Hat-PodId: 108
X-Sorting-Hat-ShopId: 7408320621
X-Frame-Options: DENY
Location: https://orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded
X-Shopify-Stage: production
Content-Security-Policy: frame-ancestors 'none'; report-uri /csp-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=d17b86e3-ad1f-4205-8d16-77a19a7b9835
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block; report=/xss-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=d17b86e3-ad1f-4205-8d16-77a19a7b9835
X-Dc: gcp-europe-north1,gcp-us-east1,gcp-us-east1
X-Request-ID: d17b86e3-ad1f-4205-8d16-77a19a7b9835
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WLv5f%2Fx%2FoGhD8LGMMPhip6DMx7pz2zgXXCTKCE9FqsyU3NYvEX27KgHgFP2UldDXYCEfzjr%2Bzx73xsAyGimooxcziMC8NtJfFjLJT%2FSi2LzMDdVoY%2Bx%2BbiIRdc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server-Timing: cfRequestDuration;dur=358.999968
Server: cloudflare
CF-RAY: 78fa6a6f5aaab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 15:42:55 GMT
content-type: application/json
age: 572
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4152
Expires: Thu, 26 Jan 2023 17:01:39 GMT
Date: Thu, 26 Jan 2023 15:52:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OMlOSg3xlIc4ECoIpfj1zOvN0XmMk/OCoLzo7QG8YWub4BecmR2SrkN9miPMTYS7G/2f+jz0Xao=
x-amz-request-id: 0FVXXHJF3CRF12Q5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 15:20:10 GMT
age: 1937
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 15:52:27 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5940d8dd30061b169faf1728404cb6ad
0d5f4642f70c8e49fe643cbe28b41f99e23d8cfd
0be292de20bda6f20d46d04ac1fee6574eb352270e981d1814a1ab9393de5936
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BE292DE20BDA6F20D46D04AC1FEE6574EB352270E981D1814A1AB9393DE5936"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Thu, 26 Jan 2023 21:52:16 GMT
Date: Thu, 26 Jan 2023 15:52:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5940d8dd30061b169faf1728404cb6ad
0d5f4642f70c8e49fe643cbe28b41f99e23d8cfd
0be292de20bda6f20d46d04ac1fee6574eb352270e981d1814a1ab9393de5936
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BE292DE20BDA6F20D46D04AC1FEE6574EB352270E981D1814A1AB9393DE5936"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Thu, 26 Jan 2023 21:52:16 GMT
Date: Thu, 26 Jan 2023 15:52:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 15:49:01 GMT
age: 206
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded
23.227.38.32302 Found 503 B URL HTTP/2 orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded
IP 23.227.38.32:0
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
GET /7408320621/orders/6e4a4a183201fc46f1496c922f543fbc/authenticate?key=2316d47a9f7cd95d2529f40f35eb0ded HTTP/1.1
Host: orgain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 26 Jan 2023 15:52:27 GMT
content-type: text/html; charset=utf-8
location: https://orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc
x-sorting-hat-podid: 108
x-sorting-hat-shopid: 7408320621
x-frame-options: DENY
x-shopid: 7408320621
x-shardid: 108
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en-US
cache-control: no-cache
strict-transport-security: max-age=7889238
set-cookie: order=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVV5TXpFMlpEUTNZVGxtTjJOa09UVmtNalV5T1dZME1HWXpOV1ZpTUdSbFpBWTZCa1ZVIiwiZXhwIjoiMjAyMy0wMi0xNlQxNTo1MjoyNy40NTJaIiwicHVyIjoiY29va2llLm9yZGVyIn19--703328c7038b120566c622a0e3f735ef95ba4bb1; path=/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc; expires=Thu, 16 Feb 2023 15:52:27 GMT; secure; HttpOnly; SameSite=Lax
_cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22USUSCA%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=orgain.com; path=/; expires=Fri, 27 Jan 2023 15:52:27 GMT; SameSite=Lax
_y=f556f08b-cd7e-4a17-a251-4eecf3ebbbcd; Expires=Fri, 26-Jan-24 15:52:27 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_s=07891a9c-32a5-4035-809c-e8d5ff1382f1; Expires=Thu, 26-Jan-23 16:22:27 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_y=f556f08b-cd7e-4a17-a251-4eecf3ebbbcd; Expires=Fri, 26-Jan-24 15:52:27 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_s=07891a9c-32a5-4035-809c-e8d5ff1382f1; Expires=Thu, 26-Jan-23 16:22:27 GMT; Domain=orgain.com; Path=/; SameSite=Lax
x-shopify-stage: production
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=0d5793d7-04f3-4e15-9cdf-9f293c5f8244
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=0d5793d7-04f3-4e15-9cdf-9f293c5f8244
x-dc: gcp-europe-north1,gcp-us-east1,gcp-us-east1
x-request-id: 0d5793d7-04f3-4e15-9cdf-9f293c5f8244
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3DdOzo6K7z7qB0XxOUlNew1O0bLNuvbB2k14RFpu5oDqgOaDFkPQidyek6kG0XSt4YntNlErv9hD7jeBLAn%2FAVneYkeE9GWcuDlhuu067O8V35lKPX%2FP1m3cO8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=467.000008
server: cloudflare
cf-ray: 78fa6a72ae6b0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.91.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.91.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SaZ3RMTJaaa43/P6Zmxx/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZSbHSQxf2a5TO712IJ5X3LcWGdk=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 961d353b342e48156866b72a668f0d33
55d2dae312b126600d245c67d94e570e75829c90
fb11faabb1c7bec85e02e659b77aef8f1d2ebe69b5fa99f7c02b13fe27733cae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB11FAABB1C7BEC85E02E659B77AEF8F1D2EBE69B5FA99F7C02B13FE27733CAE"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3055
Expires: Thu, 26 Jan 2023 16:43:23 GMT
Date: Thu, 26 Jan 2023 15:52:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 961d353b342e48156866b72a668f0d33
55d2dae312b126600d245c67d94e570e75829c90
fb11faabb1c7bec85e02e659b77aef8f1d2ebe69b5fa99f7c02b13fe27733cae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB11FAABB1C7BEC85E02E659B77AEF8F1D2EBE69B5FA99F7C02B13FE27733CAE"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3055
Expires: Thu, 26 Jan 2023 16:43:23 GMT
Date: Thu, 26 Jan 2023 15:52:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 961d353b342e48156866b72a668f0d33
55d2dae312b126600d245c67d94e570e75829c90
fb11faabb1c7bec85e02e659b77aef8f1d2ebe69b5fa99f7c02b13fe27733cae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB11FAABB1C7BEC85E02E659B77AEF8F1D2EBE69B5FA99F7C02B13FE27733CAE"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3055
Expires: Thu, 26 Jan 2023 16:43:23 GMT
Date: Thu, 26 Jan 2023 15:52:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 961d353b342e48156866b72a668f0d33
55d2dae312b126600d245c67d94e570e75829c90
fb11faabb1c7bec85e02e659b77aef8f1d2ebe69b5fa99f7c02b13fe27733cae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB11FAABB1C7BEC85E02E659B77AEF8F1D2EBE69B5FA99F7C02B13FE27733CAE"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3055
Expires: Thu, 26 Jan 2023 16:43:23 GMT
Date: Thu, 26 Jan 2023 15:52:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 961d353b342e48156866b72a668f0d33
55d2dae312b126600d245c67d94e570e75829c90
fb11faabb1c7bec85e02e659b77aef8f1d2ebe69b5fa99f7c02b13fe27733cae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB11FAABB1C7BEC85E02E659B77AEF8F1D2EBE69B5FA99F7C02B13FE27733CAE"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3055
Expires: Thu, 26 Jan 2023 16:43:23 GMT
Date: Thu, 26 Jan 2023 15:52:28 GMT
Connection: keep-alive
static.powerreviews.com/t/v1/tracker.js
54.230.111.6200 OK 6.0 kB URL HTTP/2 static.powerreviews.com/t/v1/tracker.js
IP 54.230.111.6:0
File type ASCII text, with very long lines (5947)
Hash c0deab05495c8a78ef78f324d98ba1a4
1732183de9eb9aec6aef289431c5a627b3fdff3e
5255f7027f727c5ed1d5c7c00a0528106458b6354ae9000b8f3c9ecc48e9e83a
GET /t/v1/tracker.js HTTP/1.1
Host: static.powerreviews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 6019
date: Wed, 25 Jan 2023 22:33:25 GMT
last-modified: Mon, 02 Nov 2020 17:13:00 GMT
etag: "c0deab05495c8a78ef78f324d98ba1a4"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KKB1QvEupa9Z1aqOaifU3SHYZtw2BIiXCDUfIf2Slwdb9BCJfpVIng==
age: 62344
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 961d353b342e48156866b72a668f0d33
55d2dae312b126600d245c67d94e570e75829c90
fb11faabb1c7bec85e02e659b77aef8f1d2ebe69b5fa99f7c02b13fe27733cae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB11FAABB1C7BEC85E02E659B77AEF8F1D2EBE69B5FA99F7C02B13FE27733CAE"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3055
Expires: Thu, 26 Jan 2023 16:43:23 GMT
Date: Thu, 26 Jan 2023 15:52:28 GMT
Connection: keep-alive
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
142.250.74.74200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32038)
Hash 103708790db3586027df27ded660f8ef
d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70
fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 02:37:54 GMT
expires: Thu, 25 Jan 2024 02:37:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 134074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0bf8fccb276521254634abcdcb4b3f0d
a5b7ffa58daf7d1ea3e312b68533d4d0271348f4
991b03387ddbe0b07a9aee23ea7a98863fa85035cb26e631e0d22a1b999ee487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 715f2a2c57230b2e1aedef83c76e0cbc
df5a219b8564a6c8fbe802e574ba625be7f204ca
ca239808557d30d1df2527ae94987866734b640bfd631282414a39eac87b872c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-789606081
142.250.74.72200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-789606081
IP 142.250.74.72:0
File type ASCII text, with very long lines (6682)
Hash 6c0d544e080a8b6405a39db388b1f2f2
f837a3bd9db34c218d4c113b7e6a431bc385392e
263b59ccff8ebcd426aab948104b42cb2d10a53ed280933ec74c544fe3aa54ea
GET /gtag/js?id=AW-789606081 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 15:52:28 GMT
expires: Thu, 26 Jan 2023 15:52:28 GMT
cache-control: private, max-age=900
last-modified: Thu, 26 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/files/Orgain_logo_web-2.png?61393
23.227.60.200200 OK 8.9 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/files/Orgain_logo_web-2.png?61393
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image\012- data
Hash 56101be25699c363d02fdea1453ae868
1a621a4b26d6e2f2691ddf470cc2cf4aec9f5f83
04cba38924fbf48263ad81e45123e61fe414b123675da75dc4a0b56dd42e95a4
GET /s/files/1/0074/0832/0621/files/Orgain_logo_web-2.png?61393 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:29 GMT
content-type: image/webp
content-length: 8908
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/files/Orgain_logo_web-2.png>; rel="canonical"
source-length: 27520
source-type: image/png
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: f58a7ab0-d2b9-46fd-b9de-90f734323042
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
last-modified: Thu, 26 Jan 2023 01:04:55 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlDG7LhUGrGoi1qn9KOVeE8Hr%2BvDF8b6qV6lOGu%2FQkrAQYHcnzQuk1d3pSfuKUgMd%2BsgSIhUEs6ikiA1%2FmpatIg2M1tkPOpv7LSxsM2r7iZ5ziVZyDYrJnw%2FjYne7FUyVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=342.575, imageryFetch;dur=18.128, imageryProcess;dur=323.292;desc="image", cfRequestDuration;dur=140.000105
server: cloudflare
cf-ray: 78fa6a7c6b0bb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/products/851770007276-v8-CollagenPeptides-1lb-Unflavored-Front-HIRES-shopify_800px_small.jpg?v=1666204904
23.227.60.200200 OK 3.6 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/products/851770007276-v8-CollagenPeptides-1lb-Unflavored-Front-HIRES-shopify_800px_small.jpg?v=1666204904
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ISO Media, AVIF Image\012- data
Hash 35524ac6a4201bd41d8fb6f258f366c6
8af69206156ca181c0065bccd3b3b3295a869576
bd35244050328ca76b35f7d17240b5105ed2588cd4a9d30e6bf78b49074f3341
GET /s/files/1/0074/0832/0621/products/851770007276-v8-CollagenPeptides-1lb-Unflavored-Front-HIRES-shopify_800px_small.jpg?v=1666204904 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:29 GMT
content-type: image/avif
content-length: 3572
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/products/851770007276-v8-CollagenPeptides-1lb-Unflavored-Front-HIRES-shopify_800px_small.jpg>; rel="canonical"
source-length: 58193
source-type: image/jpeg
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 2e23a121-b65e-4dad-8afb-b39037051fcf
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Wed, 19 Oct 2022 21:20:38 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxrHb1wPttLhSogWUNdHO%2B4ty96v%2FtO%2FsM9MUtgZW15%2Byn0fXxrrAPV20uKlSWK152v27n9OYr4sdpwJifMz6vsBiQWFf01uljJo9DMRkHPggL50rBpMC1KdcfVHfFs0ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=166.777, imageryFetch;dur=47.973, imageryProcess;dur=117.775;desc="image", cfRequestDuration;dur=141.000032
server: cloudflare
cf-ray: 78fa6a7c6b0cb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/products/851770003254-v10-ProteinPowder-2.03lb-Vanilla-Front-HIRES-shopify_800px_small.jpg?v=1659557553
23.227.60.200200 OK 3.2 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/products/851770003254-v10-ProteinPowder-2.03lb-Vanilla-Front-HIRES-shopify_800px_small.jpg?v=1659557553
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7edfec583a6a7aef5ee46e2852e1a4ae
d695439d6922a45056499ed58d0e81c119266f3c
9e36c65d7226a73855c14aabbfa2e8c8cb3e57ac6e02888a254d3d7842ebb7d9
GET /s/files/1/0074/0832/0621/products/851770003254-v10-ProteinPowder-2.03lb-Vanilla-Front-HIRES-shopify_800px_small.jpg?v=1659557553 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:29 GMT
content-type: image/webp
content-length: 3164
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/products/851770003254-v10-ProteinPowder-2.03lb-Vanilla-Front-HIRES-shopify_800px_small.jpg>; rel="canonical"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 52a446c0-e2a3-4f8a-ae58-4f494fb9fd44
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Mon, 12 Sep 2022 14:32:12 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FTg7fDkDV1lSSiMOyf5XY7g5ZOkys6kQdQNzAX6PfaeBSdCmK2ukenPMP%2Fp840RSr7HNUPX1fulbah3CkrOOThty9%2B2GeZbiCvWVzGarJ5d0OhJ9banvR72aBYHKdwnsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=176.843, imageryFetch;dur=45.209, imageryProcess;dur=130.508;desc="image", cfRequestDuration;dur=148.999929
server: cloudflare
cf-ray: 78fa6a7c6b0eb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0bf8fccb276521254634abcdcb4b3f0d
a5b7ffa58daf7d1ea3e312b68533d4d0271348f4
991b03387ddbe0b07a9aee23ea7a98863fa85035cb26e631e0d22a1b999ee487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10281
Expires: Thu, 26 Jan 2023 18:43:50 GMT
Date: Thu, 26 Jan 2023 15:52:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10281
Expires: Thu, 26 Jan 2023 18:43:50 GMT
Date: Thu, 26 Jan 2023 15:52:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10281
Expires: Thu, 26 Jan 2023 18:43:50 GMT
Date: Thu, 26 Jan 2023 15:52:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10281
Expires: Thu, 26 Jan 2023 18:43:50 GMT
Date: Thu, 26 Jan 2023 15:52:29 GMT
Connection: keep-alive
cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/seed-checkout.scss.css?v=105645148385689886621673468075
23.227.60.200200 OK 7.9 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/seed-checkout.scss.css?v=105645148385689886621673468075
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (8495)
Hash 6582da39d91c7c732edc77204186da25
16243bec2bba8132561a43eebe1c0f35be80b546
00404c2c4862bcf9ef618ff58126e3cb2c0b26992f0b9c2c4b0e5db1ae018abf
GET /s/files/1/0074/0832/0621/t/665/assets/seed-checkout.scss.css?v=105645148385689886621673468075 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:29 GMT
content-type: text/css
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/seed-checkout.scss.css>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 88dcaf5c-73e5-443b-9314-d8e9c9aa40d2
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Wed, 11 Jan 2023 22:00:49 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emXMNOFWxrZ8nVmslmW3seAOsIu6hNK0cT4vX60X8nWBjBkOHyiW9Gk6x2WgPF73gLXpwXR6fkVywt0HK%2B17qDCCRYiO7R2h8WTK189Wir9iUmm%2BfQwF80a9sNrrvrIBlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=182.390, imageryFetch;dur=99.686, imageryProcess;dur=80.802;desc="scss", cfRequestDuration;dur=133.000135
server: cloudflare
cf-ray: 78fa6a7c9b5fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/app/services/7408320621/assets/122875641965/checkout_stylesheet/v2-ltr-2021-01-25-61cdbcf5b455b1c1c17dfc0bb1a21895-61393
23.227.60.200200 OK 48 kB URL HTTP/2 cdn.shopify.com/app/services/7408320621/assets/122875641965/checkout_stylesheet/v2-ltr-2021-01-25-61cdbcf5b455b1c1c17dfc0bb1a21895-61393
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65536), with no line terminators
Hash 84e4d7c3e29106ad4b5712b42bb8cfee
a014e14b6b6f94939bbb53bf0c78adc689266ce0
fcf2bc2841317e758d776b75df6059207927bfbcdeec97cd2a6f53b26a0f56da
GET /app/services/7408320621/assets/122875641965/checkout_stylesheet/v2-ltr-2021-01-25-61cdbcf5b455b1c1c17dfc0bb1a21895-61393 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=31556952, public
link: <https://cdn.shopify.com/app/services/7408320621/assets/122875641965/checkout_stylesheet/v2-ltr-2021-01-25-61cdbcf5b455b1c1c17dfc0bb1a21895-61393>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: d0a40cb7-90e2-4d08-8a5a-12a673156060
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,gcp-us-east1
last-modified: Thu, 26 Jan 2023 01:05:01 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXx0jPIBkjrBSsOWgO3qHdNF9d63oD0wtOowid6j7oD4QQ8hLmu0rdJva5bxizO88DA1XESbu6ZA7oFEXngqQ25YwxmX6AHTXMGkTiP8X3SLKAHmOssv9uLHExzhll7HWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=7177.949, imageryFetch;dur=7177.552, cfRequestDuration;dur=207.999945
server: cloudflare
cf-ray: 78fa6a7c6b09b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js
23.227.60.200200 OK 14 kB URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (19843), with no line terminators
Hash 5f64752e145f6589b6a5bd40fb00a3db
939cb20779cab3b5167842f22771dd5c4e20446a
5f9a41ef48fd45242232eae6b98f4087cff3301a5e9e910c51775343c460be39
GET /shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:29 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 43fd8e2f-e3b0-414a-988e-06d08f642d31
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Thu, 01 Dec 2022 03:46:03 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7Re9lfwM0BBMPUHkvVraDZQVVzVkQq7KI2Pl6W6gGJ2AM%2FcDl8ndbf6xZmhanTf9gvyNch3IW6wGp2PJ00vDZoZVR%2BedHKlN3QLy3zdk8jdHQz%2Buk%2FBicMGA%2BhkYeuWvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=22.363, imageryFetch;dur=22.135, cfRequestDuration;dur=214.999914
server: cloudflare
cf-ray: 78fa6a7c6f5bb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mjK4GJ3UCEuHk4XqmXdZCWHTVvJeX8Z2HFaem2GYzqfqlPSd_h6DfA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 05:14:39 GMT
age: 38270
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:49:37 GMT
age: 64972
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-56fd3fb2a9e87e63c7067dc66a54d13c9ca633da1575bf6a48f323da737ee10e.js
23.227.60.200200 OK 310 kB URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-56fd3fb2a9e87e63c7067dc66a54d13c9ca633da1575bf6a48f323da737ee10e.js
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (32768)
Size 310 kB (309495 bytes)
Hash 994ab2c86a3b26450fc5017f88cca61f
d65bc9be9245c9e2066b31266fce758ad85b01b4
188b8dabb15bc3e2cc852ab596b4d7010d9969f2212672e29a9e1afa13e6262e
GET /shopifycloud/shopify/assets/checkout_2021-01-25-56fd3fb2a9e87e63c7067dc66a54d13c9ca633da1575bf6a48f323da737ee10e.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:29 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/checkout_2021-01-25-56fd3fb2a9e87e63c7067dc66a54d13c9ca633da1575bf6a48f323da737ee10e.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 67ea930f-a5a0-4332-a30b-179a4c79a93c
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
last-modified: Mon, 12 Dec 2022 13:01:44 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5l7MILPCtzzc997P5UXH5gua5Rze9cjFgMxVWvqaNOHpXfD58Tz%2F89aQRdTlgwi7WMamz67FhXALvR5EU9BXroMdkmmDDEjg45DTIpLOGN%2B2l6%2FqtvzOZYuaCBpqKgWgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=35.277, imageryFetch;dur=35.086, cfRequestDuration;dur=146.000147
server: cloudflare
cf-ray: 78fa6a7c8f82b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash a35d60562ccb94106f2e5b1391ec8c00
4224b691e765f81c4884b441eeb6267d0b1ad9c2
d5882aa6ce6aa5bc1860044aa77fdff784607a0f8a4225201c5602db6ecab706
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 15:52:29 GMT
Last-Modified: Thu, 26 Jan 2023 15:22:22 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Lr0Pd4-mGU7AchVvBr0eW5QjnupPka13QATzN6Bb6CgzB8hMhE8QPw==
Age: 1807
cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-Regular.woff2
23.227.60.200200 OK 66 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-Regular.woff2
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 65452, version 1.0\012- data
Hash d680a3ff3d0ce7330d40140203167fab
8cb74a330189cb6bf98fe15df3e841be9721ddb3
3a437ad0a2cc9a04a80487854fa6d261dfa6f663679e54a482f2e320809a147b
GET /s/files/1/0074/0832/0621/t/665/assets/Montserrat-Regular.woff2 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:30 GMT
content-type: font/woff2
content-length: 65452
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-Regular.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 45abe1be-c121-491e-b45f-a9e8b9929fae
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Wed, 11 Jan 2023 20:49:21 GMT
cf-cache-status: HIT
age: 48158
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=elzlEvGtAWMOIGKoHZplkqtteGHAhrL5okhnlCXm7G3SWrnM62l0Z%2FNpjOfXSt%2BLfyuMJbxjp%2FvbKf40xlbuX5RdvI9G5peewpmNGliCcvQpFp7o5APgfkYMHBeM0gm2%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=502.903, imageryFetch;dur=502.652, cfRequestDuration;dur=13.999939
server: cloudflare
cf-ray: 78fa6a8399d9b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s3-us-west-2.amazonaws.com/addressvalidator/pobox_checker.js
52.218.182.216200 OK 24 kB URL HTTP/1.1 s3-us-west-2.amazonaws.com/addressvalidator/pobox_checker.js
IP 52.218.182.216:0
File type Unicode text, UTF-8 text, with very long lines (24356), with no line terminators
Hash 62d0fe2b94a2a9af89f0dbc4216fce2a
7e745f4ef22b7467a057b2327c08f1cf1eefb27b
4c4d5642579e3ee155cc97bf2448b42c0d261830c306da4b5a52e88ce1f6bf4d
GET /addressvalidator/pobox_checker.js HTTP/1.1
Host: s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: hAnOMKW+L0meIUmyJTfDc8xQbUXrgrZco447IFfYFIfPVo71vsTgWXAkBCJrF9mR0shCUI7mkt0=
x-amz-request-id: WE9S8ACPX2AWYQ09
Date: Thu, 26 Jan 2023 15:52:31 GMT
Last-Modified: Wed, 04 Jan 2023 03:49:34 GMT
ETag: "62d0fe2b94a2a9af89f0dbc4216fce2a"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 24358
cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-ExtraBold.woff2
23.227.60.200200 OK 65 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-ExtraBold.woff2
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 64840, version 1.0\012- data
Hash f9420e120975e1a1d06483500719405b
8d21b906e9337b7d6df7df63bc07c08c664c29b7
9cbffd7dc1b087e6a41a322b695e901ae495ee9a9ace1a518873508bd171d3dd
GET /s/files/1/0074/0832/0621/t/665/assets/Montserrat-ExtraBold.woff2 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:30 GMT
content-type: font/woff2
content-length: 64840
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-ExtraBold.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 9f82802c-9196-46b2-bf3c-beb9c69fc561
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Wed, 11 Jan 2023 20:49:21 GMT
cf-cache-status: HIT
age: 893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzUnej2B3hFhoJR8kO83tiZGEPIV8ftEQLjn2p6244dZ37AgSYMmwY2tRlIGiM9kAwBgjG2WQQWzXsViWU66smThuGfIkl34S6lEsBDB8EMz0Y8a6C9XuZJNO0dSs0UY%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=100.099, imageryFetch;dur=99.815, cfRequestDuration;dur=10.999918
server: cloudflare
cf-ray: 78fa6a85acdcb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-Medium.woff2
23.227.60.200200 OK 66 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-Medium.woff2
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 65640, version 1.0\012- data
Hash a3ce74a6f4ff643d9db5d4087e4d625e
b2e3adb708642270c10accc6caf766b471ae3d45
909daf6cad3051fca0fc47be0a75911fe51bd4fa086f235aabb18214a6942a18
GET /s/files/1/0074/0832/0621/t/665/assets/Montserrat-Medium.woff2 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:30 GMT
content-type: font/woff2
content-length: 65640
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-Medium.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 00f949c2-7a09-46a2-8112-5922a02768be
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Wed, 11 Jan 2023 20:49:21 GMT
cf-cache-status: HIT
age: 48158
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrhMkYgshGyBvKwtZempFfvnmBSNifO8iboUhv6B7HEKCNQ7E%2FDI%2FNyFHWeUTciGHpngJw9e5FLDPZHwjsM6seXj6gUJPCpdv7UZMTvTdgswWvAUJS75pZR1z3yH7Atzew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=54.046, imageryFetch;dur=53.636, cfRequestDuration;dur=13.999939
server: cloudflare
cf-ray: 78fa6a85acdeb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-SemiBold.woff2
23.227.60.200200 OK 66 kB URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-SemiBold.woff2
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Web Open Font Format (Version 2), TrueType, length 65500, version 1.0\012- data
Hash 887f219d00e4dd7768a1401ead1c404a
95b6c8bbb3796bbb18e6dad49ab3a123426db81a
51c829644e439eaa74b22e26efeb8c82d434d1bc92d331e89f21a96deeeb1597
GET /s/files/1/0074/0832/0621/t/665/assets/Montserrat-SemiBold.woff2 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:30 GMT
content-type: font/woff2
content-length: 65500
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-SemiBold.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 1ca5c73d-0594-4773-9540-574b56a6bb4c
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Wed, 11 Jan 2023 20:49:26 GMT
cf-cache-status: HIT
age: 48158
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljeQOpaeUaCfr4XAUfuV%2FWWLnjWstLqc6AcqAhWwSd9qHxfk%2Fmo%2F4%2BaCjJIYor8WvO0mN4P979DLNbTz89fg7L9nsFcc3XU8SHqQovFh%2BHkgFX2uBOax6uByE0O2m%2BapCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=55.430, imageryFetch;dur=55.135, cfRequestDuration;dur=9.000063
server: cloudflare
cf-ray: 78fa6a85bcfab4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/app/services/7408320621/javascripts/checkout_countries/122875641965/en-US/countries-08119728fa820cb171a59277ff5fcfd43a9c2b6b-0.js?version=2021-01-25
23.227.60.200200 OK 31 kB URL HTTP/2 cdn.shopify.com/app/services/7408320621/javascripts/checkout_countries/122875641965/en-US/countries-08119728fa820cb171a59277ff5fcfd43a9c2b6b-0.js?version=2021-01-25
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (62586)
Hash 9117169dfe1f30519544d3bf90643b8a
94bc6f81b2760c9e9201c45aa247f77dd65cf869
9984f8487664950270faafd0468cb951deab9c7991e8e0bcf5fa568a50d39b32
GET /app/services/7408320621/javascripts/checkout_countries/122875641965/en-US/countries-08119728fa820cb171a59277ff5fcfd43a9c2b6b-0.js?version=2021-01-25 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:29 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache
content-language: en-US
link: <https://cdn.shopify.com/app/services/7408320621/javascripts/checkout_countries/122875641965/en-US/countries-08119728fa820cb171a59277ff5fcfd43a9c2b6b-0.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: ffc9e11d-632e-4f2a-8dea-55e676fd117d
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Thu, 26 Jan 2023 15:52:29 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uK0E8zEjHkCe92Ah3JBRAGhnkmy%2FfKrFVvBcqnlAbqCmmDnRxWHGusEDg8pgDz1LVmJx2eWGUtVpv3me6O5KyyajQZN4Vq%2B%2FQDRLCMlF%2BwVNXBFfBAfQ2oidDUBg31rI3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=837.657, imageryFetch;dur=837.483, cfRequestDuration;dur=1007.999897
server: cloudflare
cf-ray: 78fa6a7c8f80b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
shop.pe/widget/widget_async.js
35.227.244.1301 Moved Permanently 178 B URL HTTP/2 shop.pe/widget/widget_async.js
IP 35.227.244.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /widget/widget_async.js HTTP/1.1
Host: shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 26 Jan 2023 15:52:30 GMT
content-type: text/html
content-length: 178
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
x-frame-options: deny
content-security-policy: frame-ancestors none;
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash cb5aab5b40a5709a385e06a4bcf8ec14
46b93111d775973883c81304a156f6add8ae050d
0bba19bfa327afac31c2116cf376a9e230019c3065abea0bad00e92000715542
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 727
Cache-Control: max-age=100961
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:30 GMT
Etag: "63d18648-2d7"
Expires: Fri, 27 Jan 2023 19:55:11 GMT
Last-Modified: Wed, 25 Jan 2023 19:43:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 727
t.powerreviews.com/t/v1.gif?e=c&id=1gvssbogbp&t=ldd9xdfn&uid=no_cookies&mgid=77497&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&mid=459167&l=en_US&muid=5713398825069&mo=y&ue=vegite56%40me.com&uf=HENRY&ul=%20RODRIGUEZ%20SAL186&oid=687302&os=65.98&on=2&oi=4021655601261,29852815851629,Grass%2520Fed%2520Pasture%2520Raised%2520Collagen%2520Peptides%2520-%2520Unflavored%2520%2F%25201lb%2520Canister%3A,1,31.99;4021678735469,29852864741485,Organic%2520Protein%25E2%2584%25A2%2520Plant%2520Based%2520Protein%2520Powder%2520-%2520Vanilla%2520Bean%2520%2F%25202.03lb%2520Canister%3A,1,33.99
54.230.111.41200 OK 43 B URL HTTP/1.1 t.powerreviews.com/t/v1.gif?e=c&id=1gvssbogbp&t=ldd9xdfn&uid=no_cookies&mgid=77497&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&mid=459167&l=en_US&muid=5713398825069&mo=y&ue=vegite56%40me.com&uf=HENRY&ul=%20RODRIGUEZ%20SAL186&oid=687302&os=65.98&on=2&oi=4021655601261,29852815851629,Grass%2520Fed%2520Pasture%2520Raised%2520Collagen%2520Peptides%2520-%2520Unflavored%2520%2F%25201lb%2520Canister%3A,1,31.99;4021678735469,29852864741485,Organic%2520Protein%25E2%2584%25A2%2520Plant%2520Based%2520Protein%2520Powder%2520-%2520Vanilla%2520Bean%2520%2F%25202.03lb%2520Canister%3A,1,33.99
IP 54.230.111.41:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /t/v1.gif?e=c&id=1gvssbogbp&t=ldd9xdfn&uid=no_cookies&mgid=77497&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&mid=459167&l=en_US&muid=5713398825069&mo=y&ue=vegite56%40me.com&uf=HENRY&ul=%20RODRIGUEZ%20SAL186&oid=687302&os=65.98&on=2&oi=4021655601261,29852815851629,Grass%2520Fed%2520Pasture%2520Raised%2520Collagen%2520Peptides%2520-%2520Unflavored%2520%2F%25201lb%2520Canister%3A,1,31.99;4021678735469,29852864741485,Organic%2520Protein%25E2%2584%25A2%2520Plant%2520Based%2520Protein%2520Powder%2520-%2520Vanilla%2520Bean%2520%2F%25202.03lb%2520Canister%3A,1,33.99 HTTP/1.1
Host: t.powerreviews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Date: Sat, 21 Jan 2023 01:20:22 GMT
Last-Modified: Wed, 11 Jan 2023 22:37:18 GMT
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Tw4tGEVcbev_7MAksmlo3doVQuR1WP3AVcg7XRIvAgQN0Ip7Fk3ZrA==
Age: 484329
js.adsrvr.org/up_loader.1.1.0.js
54.230.241.118200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 54.230.241.118:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 26 Jan 2023 06:03:08 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HcrAJEYaQuzodnEp7ncArc-qKjkfiXOcbcHerEiIx81Ikkdll6-NDg==
Age: 35364
ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
IP 216.58.211.3:0
Hash 479f1309824d957a44992a264e67a0a6
245df72c0d632f22c4787bf837cf50cd96e726db
5be8a72914d1b07f698cae8f71ff1cde4fa3dc16ef5587e76f90d45ac8bbc318
POST /s/gts1d4/oGQfcJFPyx4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.pdst.fm/ping.min.js
35.244.142.80200 OK 5.8 kB IP 35.244.142.80:0
File type ASCII text, with very long lines (26948), with no line terminators
Hash d001d1c9f5a942fa5524eeacb047e819
6ebc303d4e3fe71192400673808f37ce1c6a1d25
63882c75983a011c7ae5041061a95babb9e67fa508b0628e1c00f455ccd40b0a
GET /ping.min.js HTTP/1.1
Host: cdn.pdst.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsydEKIQB0J4bBTRqdIT4XMJ7RNPG4mMFmMZ7JS-oRlvRHh6Vszr_n21rNfL9HphwhHZH9OoGfOutBXqIWX3gj03a4qmT7n
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5774
content-encoding: gzip
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 5774
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Thu, 26 Jan 2023 15:50:32 GMT
expires: Thu, 26 Jan 2023 16:50:32 GMT
cache-control: public, max-age=3600
age: 118
last-modified: Fri, 28 May 2021 20:34:03 GMT
etag: "d001d1c9f5a942fa5524eeacb047e819"
content-type: application/javascript;
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 857cee99e04df41a226d8ba03fb526bb
058c99ddc92fdc50fbeb291d69b3412559f43cb6
27b6712ad0faa05c8167070988d5bdf60ea86aa9bc7865b95a36a96988429d27
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 26 Jan 2023 15:52:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 26 Jan 2023 04:23:18 GMT
Expires: Fri, 27 Jan 2023 04:23:18 GMT
ETag: "058c99ddc92fdc50fbeb291d69b3412559f43cb6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
IP 216.58.211.3:0
Hash 479f1309824d957a44992a264e67a0a6
245df72c0d632f22c4787bf837cf50cd96e726db
5be8a72914d1b07f698cae8f71ff1cde4fa3dc16ef5587e76f90d45ac8bbc318
POST /s/gts1d4/oGQfcJFPyx4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mczbf.com/tags/384165514209/tag.js
54.230.111.40200 OK 17 kB URL HTTP/1.1 www.mczbf.com/tags/384165514209/tag.js
IP 54.230.111.40:0
File type ASCII text, with very long lines (51660)
Hash c6ff762783aeabad75c4ef1accdcf55b
b75409034506c59c9fe06ed70702ad7e8e7f4c39
d5c5778130c2f85e6e7e1a5bb4805eb8795cc46113749cbcfb2cc6d65535adbe
GET /tags/384165514209/tag.js HTTP/1.1
Host: www.mczbf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 26 Jan 2023 15:52:30 GMT
X-Request-ID: 70eea51d-9d91-11ed-96ab-8db5496b8eaf
Server: nginx
Cache-Control: max-age=1800
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CSxU3_HUUcZE44SVfObv-3RYgzN-gu_-HAs1qzYpgtWep1CnMImTlA==
sc-static.net/scevent.min.js
54.230.82.240200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.230.82.240:0
File type ASCII text, with very long lines (30923), with no line terminators
Hash 957d65dfa972893511879b4d2abce54b
a0106f59c171c72c527a88cc3b06263af186a5c4
24cae1a14856e2642826fe9d960b0e61ae60fa45a778ec61f2b7d862dc3af603
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13270
server: CloudFront
date: Thu, 26 Jan 2023 15:52:30 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Fri, 27 Jan 2023 15:45:05 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vfn8G1ZiuBobNh4Wbr9oIw96hQHRFiu8b8uu04xm51aQhUfgun-QQg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8b68538f8cba0d35e57e3aad7afdc3b2
d4edf879ad9044f7e576eb57d26a028d4e9462bb
d8f0631c38fd1795cdd3ba31dd6b8a16e9a6d86829a0f636154959919838f9d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8b68538f8cba0d35e57e3aad7afdc3b2
d4edf879ad9044f7e576eb57d26a028d4e9462bb
d8f0631c38fd1795cdd3ba31dd6b8a16e9a6d86829a0f636154959919838f9d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dx.mountain.com/spx?conv=1&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=28509723367311100&shoid=4612456874093&shoamt=46.19&shocur=&shopid=&shoq=&shoup=&shpil=
52.88.179.26200 OK 5.1 kB URL HTTP/1.1 dx.mountain.com/spx?conv=1&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=28509723367311100&shoid=4612456874093&shoamt=46.19&shocur=&shopid=&shoq=&shoup=&shpil=
IP 52.88.179.26:0
File type Unicode text, UTF-8 text, with very long lines (19687), with no line terminators
Hash 583b1bf8c14f360c7baaea1623ba4e48
86ffce228de324a16bc6c223677ac3098be9e100
b5daff4b50dd3a66f1d100a792033435107b4a98f3f1091d7dfd23b7998cc9f2
GET /spx?conv=1&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=28509723367311100&shoid=4612456874093&shoamt=46.19&shocur=&shopid=&shoq=&shoup=&shpil= HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Thu, 26 Jan 2023 15:52:30 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D3KR7JETSVJ8HSUA2G&lib=ttq
23.36.79.32200 OK 1.2 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3D3KR7JETSVJ8HSUA2G&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2333)
Hash 796f7d9e88a70504a1500d14dccce44f
5d692dbb0bae0869346a4e81374522a45c43a7c6
41d16ad865754f94396fb97025836d6791aefd0d8943e118fbcc892070090e59
GET /i18n/pixel/events.js?sdkid=C3D3KR7JETSVJ8HSUA2G&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2023012615523003F9319EC481D495175E
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60787dee798e7afc9c5500f386c65d6ca16bacaab748040882dc7f0918665c1c0d7159fe329f30738afb62205a056ad22d04a24d1a23c9fb816a37a45532fe6223fdde0506b25280ab0a6fd6ab67716841
content-encoding: gzip
expires: Thu, 26 Jan 2023 15:52:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 26 Jan 2023 15:52:31 GMT
content-length: 1154
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Ks1CqyNtN0EdYkLtTza1QcCiO1; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=111
x-origin-response-time: 111,23.36.79.28
x-akamai-request-id: 3b5e9f4b
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3295d3058141b2ed6e7eeaed9c42ecca
edd6774f3c676940d6acdebc428a3d8097c07f3e
e9342908ebad694375eefc306084a3af973b934526ffd363f46dd76718664ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2407
Cache-Control: max-age=142607
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Etag: "63d22267-1d7"
Expires: Sat, 28 Jan 2023 07:29:18 GMT
Last-Modified: Thu, 26 Jan 2023 06:49:11 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3295d3058141b2ed6e7eeaed9c42ecca
edd6774f3c676940d6acdebc428a3d8097c07f3e
e9342908ebad694375eefc306084a3af973b934526ffd363f46dd76718664ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4875
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Last-Modified: Thu, 26 Jan 2023 14:31:16 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.sjwoe.com/policy
54.230.111.82200 OK 47 B IP 54.230.111.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4df589e07db49a37b9f0f0f388dafe4d
dec69779c617f1a3d12b24c305887f06d2c0e7ef
b9a115127dd63e3f27882fddcf4431f2cffc43deb619586cd6becc6f23e57ba6
GET /policy HTTP/1.1
Host: www.sjwoe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 47
date: Wed, 25 Jan 2023 20:01:57 GMT
x-amzn-requestid: 6a65a805-c39c-4009-aae5-27ec9ec0d423
access-control-allow-origin: *
x-amz-apigw-id: fUKcdEj0oAMFUfg=
cache-control: max-age=3600
x-amzn-trace-id: Root=1-63d18ab5-3ca2230a0e18a2d72c4cf094;Sampled=0
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S1Guxrgul68WfcVYEtSwjsXum1QzX-23-a_WLDKGCy3AB6otpvWV_A==
age: 71434
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 6.2 kB IP 216.58.211.3:0
Hash 9bd8ee7429480f2591a9506eea5559aa
41829b98d404598713877709c34f3e0a953b2170
bac161c1bfe84226b72a9632b93030ecd8ddfdc17c67ab8fbbbedb6d7b4f86f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.snapchat.com/p
35.190.43.134200 OK 68 B IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 388
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:31 GMT
access-control-allow-origin: https://orgain.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIhDt5xjE+UzC87R6Vx8rEUCXEOpIZEIZeEv7mtm71YDAxtccH/UuKDzIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 6
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.99200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.99:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Thu, 26 Jan 2023 15:52:31 GMT
expires: Thu, 26 Jan 2023 15:52:31 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMg.js
23.36.79.32200 OK 69 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMg.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 74c3f327c4b3002fde5ef788129d6245
f99cd82f3208a2750f5be61301719411d3456ea0
c56110fcf0f726745765a3708a795b832279b24811675e6d757a8d84c3a4b144
GET /i18n/pixel/static/main.MWE2YWY2YTgzMg.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Cookie: _ttp=2Ks1CqyNtN0EdYkLtTza1QcCiO1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825CE9047AAB28A1A92E1C9
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f0d03b7468ad8b1cb3b9a087e8ba0c9271348d0471c1aab4c6b5f4ed91206a643c3d77d2de7d14e7830204a6ea5a19be4f4e8a330ae4e711c3e2cbdf6ca25d12c
content-encoding: gzip
date: Thu, 26 Jan 2023 15:52:31 GMT
content-length: 68835
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 3b5ea0c9
X-Firefox-Spdy: h2
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54200 OK 22 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
File type ASCII text, with no line terminators
Hash 8e7120c76040a47f820e8c87b95dddce
0ae6d0d5578537f5011e44f97e812069362ac7b2
e64c6bbbdbf2cc009eeb259cfb5f877274d073ea0ef1770008344cdf7d640c3c
OPTIONS /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: 3pipdmymz3df
x-powered-by: Express
x-cloud-trace-context: 10ff78e8cfd609834d072d3afaa467b6
content-encoding: gzip
date: Thu, 26 Jan 2023 15:52:31 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b6bd32a40f252b65ea3ebe183c3175ba
9028c3fefbe3cba35a4d5349cd95c1e67f8914e8
cc266f4b7f4c444950305b9011f2258974e74e8578856348e0b7a78a7f217fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 6fd21feb7ffbf3a91c074b0b73acc836
8210dfb1fb9c1b693d8e6346cad08df6e0ba77b9
6d34c2659481899bc8bd924952f255e161be4729a9f141bc805495d834c142d4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 15:52:31 GMT
Last-Modified: Thu, 26 Jan 2023 14:47:11 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FVAJNxRk61Zet_v_OKYP1_VZN3pPQBC9_wICd8utvr5Ov18SaXNNgw==
Age: 3920
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 6fd21feb7ffbf3a91c074b0b73acc836
8210dfb1fb9c1b693d8e6346cad08df6e0ba77b9
6d34c2659481899bc8bd924952f255e161be4729a9f141bc805495d834c142d4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 15:52:31 GMT
Last-Modified: Thu, 26 Jan 2023 14:28:41 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sgFsQEbcnq__nx6BvR_cH9qRaLCV8rENbF3xzYJVeZvjzBkS2HJpEA==
Age: 5030
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
23.36.79.32200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 85bd96a56a6a7f09e3e7dadc7980152e
37590c595abeb315046a293a9e53632ae2128ac4
c27be18eef006f48310fb2b0c456d6bcb1f3b0298dcb6e580724923323cb48a7
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Cookie: _ttp=2Ks1CqyNtN0EdYkLtTza1QcCiO1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825D19F86481431D6BBCCFF
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f827e6bc0806bd5a24cf0439744099e1e4bba0637571d8edb56c6009f69fe5018b8e38bd5b93708ee64c377fa97874d18ceefbea8a477a7fa2bec40c3b56c69b1
content-encoding: gzip
date: Thu, 26 Jan 2023 15:52:31 GMT
content-length: 30917
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 3b5ea1f2
X-Firefox-Spdy: h2
www.mczbf.com/384165514209/pageInfo
54.230.111.40200 OK 68 B URL HTTP/1.1 www.mczbf.com/384165514209/pageInfo
IP 54.230.111.40:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
POST /384165514209/pageInfo HTTP/1.1
Host: www.mczbf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://orgain.com
Content-Length: 307
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 68
Connection: keep-alive
Date: Thu, 26 Jan 2023 15:52:31 GMT
X-Request-ID: 7127b690-9d91-11ed-96ab-8db5496b8eaf
Server: nginx
Access-Control-Allow-Origin: *
Cache-Control: no-store
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5HE__lBo7QQ_DYifx3D2FAJmDNiR0NAHpD8MZ7ySrSMgGy__WEJpiA==
us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
216.239.36.54204 No Content 0 B URL HTTP/2 us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
IP 216.239.36.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pdst-events-prod-sink HTTP/1.1
Host: us-central1-adaptive-growth.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: application/json
Origin: https://orgain.com
Content-Length: 826
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: 1go1dm2dj3di
x-powered-by: Express
x-cloud-trace-context: 50b8ff1d09b6a0c0d6f4591c55d64f71
date: Thu, 26 Jan 2023 15:52:31 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
54.144.99.223200 OK 0 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 54.144.99.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:31 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://orgain.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://checkout.shopify.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 115232
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://checkout.shopify.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 73117
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=32991108605169172term=value
52.88.179.26200 OK 5.1 kB URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=32991108605169172term=value
IP 52.88.179.26:0
File type Unicode text, UTF-8 text, with very long lines (19702), with no line terminators
Hash 33c7b602c3115b5d1d397004a631f224
8310e5c2e6cef61cefce7d96f0d6873ce0912a0c
1e579a4aebf691f62b53219b82824c85b6979d26dcc4573baf89a5e4eab2c3ec
GET /spx?dxver=4.0.0&shaid=32440&tdr=&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=32991108605169172term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Thu, 26 Jan 2023 15:52:30 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
54.144.99.223200 OK 2 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP 54.144.99.223:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: application/json; charset=UTF-8
Content-Length: 1766
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:31 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=fcac9ef1-83cd-4d26-97a4-abae06d0920e; Expires=Fri, 26 Jan 2024 15:52:31 GMT; Domain=tvpixel.com; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://orgain.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
142.250.74.106200 OK 20 kB URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
IP 142.250.74.106:0
Hash 046bfbfeae015d56b0b7cb720a872dfd
f7b338fa3a77148a99460496fc5de3ed48e0df47
35ef913731e70bca730a10514430dd048fbed9a94690f341442315d0b836112f
GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 15:52:31 GMT
date: Thu, 26 Jan 2023 15:52:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1140
Origin: https://orgain.com
Connection: keep-alive
Cookie: _ttp=2Ks1CqyNtN0EdYkLtTza1QcCiO1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202301261552318C8F43322852FFC18490
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60787dee798e7afc9c5500f386c65d6ca1f0ffd34a38f556688343b7db34845e51d46c5f419358468b1f019fe726436dcef842874e6be851db16e23e64dd80280953934540a194cd860c8188605b21d499
expires: Thu, 26 Jan 2023 15:52:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 26 Jan 2023 15:52:31 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=22, cdn-cache; desc=MISS, edge; dur=4, origin; dur=129
x-origin-response-time: 129,23.36.79.28
x-akamai-request-id: 3b5ea2b9
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1176
Origin: https://orgain.com
Connection: keep-alive
Cookie: _ttp=2Ks1CqyNtN0EdYkLtTza1QcCiO1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202301261552312D1AB72A27874E9A73C7
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb90ddf3b244471bc00456a0f9406314d4b62f50af09ceda82d9174ff2dbbaca517c3ddb8675f2106c8768061ae82e7a9fb7f0cabf573c5001fd6ff592d2d5512512ed7997dc52deb21eb855e53d3e0a20
x-origin-response-time: 40,23.217.116.188
x-akamai-request-id: 4cf6f03e.3b5ea2b6
expires: Thu, 26 Jan 2023 15:52:31 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 26 Jan 2023 15:52:31 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a23-217-116-188.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=40, inner; dur=38
x-parent-response-time: 140,23.36.79.28
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ad7c89df5460545a7bc59b21fb8b3599
0a1f4a6289764d27a0922e3275aeef781267a743
1b6bdd255f0e9653664c742b0fa90e295d86788376ed6c3ce257dd2f0e9953ed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:52:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 13:02:15 GMT
Expires: Mon, 30 Jan 2023 13:02:14 GMT
Etag: "0a1f4a6289764d27a0922e3275aeef781267a743"
Cache-Control: max-age=334782,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fa6a8cf94e0b69-OSL
d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
54.230.111.79200 OK 906 B URL HTTP/2 d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
IP 54.230.111.79:0
File type ASCII text, with very long lines (559)
Hash 5a7d2d8b22582e42ead790334613c696
441a3d5fbc9c0a7791fd5b73632e857999d889b5
01a2e63ad41c4d9cd9c96cb4a5dca63678978ea23805e4f20f3b8c682266ea45
GET /widget/widget_async.js HTTP/1.1
Host: d3rr3d0n31t48m.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 906
date: Thu, 26 Jan 2023 15:32:49 GMT
last-modified: Wed, 25 Jan 2023 15:31:28 GMT
cache-control: max-age=3600, public
content-encoding: gzip
x-amz-meta-mtime: 1674660687.23
accept-ranges: bytes
server: AmazonS3
etag: "5a7d2d8b22582e42ead790334613c696"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dYhkTnrxDZxYDb8C-MV5Y3NG0kQeyeZf_pr-ArNq0ObVRDiKtNOg6w==
age: 1183
X-Firefox-Spdy: h2
cdn-widgetsrepository.yotpo.com/v1/loader/nrMQniDgXcFzSiDLTJlYSA
95.101.97.70200 OK 27 kB URL HTTP/2 cdn-widgetsrepository.yotpo.com/v1/loader/nrMQniDgXcFzSiDLTJlYSA
IP 95.101.97.70:0
File type Unicode text, UTF-8 text, with very long lines (584)
Hash 3eab96a7b3b0f7cdc20125eede3cf59f
d5947a3e7a3cd4b7401651d4c74204ca6042f3bd
dd278adfcc4b9157ba3e62930c045d27fdf03f26e718ddefa30d8c5a91a9e41a
GET /v1/loader/nrMQniDgXcFzSiDLTJlYSA HTTP/1.1
Host: cdn-widgetsrepository.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-encoding: gzip
x-ratelimit-remaining-minute: 4999
x-ratelimit-limit-minute: 5000
ratelimit-remaining: 4999
ratelimit-limit: 5000
ratelimit-reset: 37
correlation-id: d9dbb8f2-c1d5-4d80-8c67-2ed5590177ae
x-kong-upstream-latency: 190
x-kong-proxy-latency: 3
content-length: 26583
date: Thu, 26 Jan 2023 15:52:31 GMT
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=10525
date: Thu, 26 Jan 2023 15:52:31 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash dda854cb90cda40c6a6dbc19eb186eca
0d23775c5af739aac0a41844d09c704ab850a1bd
7c432d209fcf9dde0ca59bf93f76526d98aab474041f19b2d6fe79942ed3a7e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash dda854cb90cda40c6a6dbc19eb186eca
0d23775c5af739aac0a41844d09c704ab850a1bd
7c432d209fcf9dde0ca59bf93f76526d98aab474041f19b2d6fe79942ed3a7e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e53b1d8b1f244c97e073382328e5c650
d1933a186c3b5351a8539f18e3f4f74237aefccc
2b3e14ffcd8e42c946fc8a66a44a97e543849ac1fd3fdefd85f774c86839716e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.pinimg.com/ct/core.js
151.101.84.84200 OK 1.1 kB IP 151.101.84.84:0
File type ASCII text, with very long lines (1146), with no line terminators
Hash 91c4ea42bc7f1df938d8cd8de8d598db
ccecbe4405d83510ca1a6291c374ea8ab1da33d9
aacfea800a59766fdd3672fad8e5eba13abae2dab105014fc9214cb0c1409925
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "91c4ea42bc7f1df938d8cd8de8d598db"
content-type: application/javascript
fastly-restarts: 1
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
date: Thu, 26 Jan 2023 15:52:31 GMT
content-length: 1146
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8127133a6d1c10ce4e3cbf6028b3e555
ce62fc282eee1a28e8bff5bd677cb0a63edea598
a411d44ecbe5c57bc81fca6c3c80a8de98cf82594bdb84dbef6e541e4df8d347
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5079
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Last-Modified: Thu, 26 Jan 2023 14:27:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e53b1d8b1f244c97e073382328e5c650
d1933a186c3b5351a8539f18e3f4f74237aefccc
2b3e14ffcd8e42c946fc8a66a44a97e543849ac1fd3fdefd85f774c86839716e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.js
95.101.97.70200 OK 148 kB URL HTTP/2 staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.js
IP 95.101.97.70:0
File type ASCII text, with very long lines (50805)
Size 148 kB (147660 bytes)
Hash 71a7c4356ef44abe122dd6a25eed2a63
a51402e1a5ef56ebd7667243c0f080004b27d176
7d6040711e692bf2d5746dfa452547064bd996013a7116b4f4ff405a9f9ca082
GET /e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.js HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
x-ratelimit-remaining-minute: 4999
x-ratelimit-limit-minute: 5000
ratelimit-remaining: 4999
ratelimit-limit: 5000
ratelimit-reset: 57
correlation-id: a4699dc3-0cc0-42e2-9ed8-1318357a04cd
x-kong-upstream-latency: 130
x-kong-proxy-latency: 2
content-length: 147660
cache-control: public, max-age=6338
date: Thu, 26 Jan 2023 15:52:31 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=32
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/825569394/?random=1674748350660&cv=11&fst=1674748350660&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1627659480.1674748351&data=event%3Decomm_prodid&rfmt=3&fmt=4
142.250.74.66200 OK 936 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/825569394/?random=1674748350660&cv=11&fst=1674748350660&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1627659480.1674748351&data=event%3Decomm_prodid&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (1995), with no line terminators
Hash 1120f40808193757d0500ca201551fa0
2d76dcb9b5e6db475818f21f1e25fcb850318aab
654fbc2f1e649df50376d0ebd7b06a84d58b93e54a26d6f2eadd153f061a373c
GET /pagead/viewthroughconversion/825569394/?random=1674748350660&cv=11&fst=1674748350660&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1627659480.1674748351&data=event%3Decomm_prodid&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 15:52:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 936
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 16:07:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1674748350576&cv=11&fst=1674748350576&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=2&ec_s=1&auid=1627659480.1674748351&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&ct_cookie_present=1
142.250.74.66200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1674748350576&cv=11&fst=1674748350576&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=2&ec_s=1&auid=1627659480.1674748351&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&ct_cookie_present=1
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/789606081/?random=1674748350576&cv=11&fst=1674748350576&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=2&ec_s=1&auid=1627659480.1674748351&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 15:52:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 16:07:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1674748350740&cv=11&fst=1674748350740&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1627659480.1674748351&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&ct_cookie_present=1
142.250.74.66200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1674748350740&cv=11&fst=1674748350740&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1627659480.1674748351&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&ct_cookie_present=1
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/789606081/?random=1674748350740&cv=11&fst=1674748350740&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1627659480.1674748351&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 15:52:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 16:07:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/401519874/?random=1674748350702&cv=11&fst=1674748350702&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1627659480.1674748351&data=event%3Dconversion&gcp=1&ct_cookie_present=1
142.250.74.66200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/401519874/?random=1674748350702&cv=11&fst=1674748350702&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1627659480.1674748351&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/401519874/?random=1674748350702&cv=11&fst=1674748350702&fmt=3&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=-XMGCOnzsowCEILqur8B&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&auid=1627659480.1674748351&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 15:52:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 16:07:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/789606081/?random=1674748350576&cv=11&fst=1674748350576&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=2&ec_s=1&auid=1627659480.1674748351&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/789606081/?random=1674748350576&cv=11&fst=1674748350576&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=2&ec_s=1&auid=1627659480.1674748351&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/789606081/?random=1674748350576&cv=11&fst=1674748350576&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=2&ec_s=1&auid=1627659480.1674748351&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 15:52:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/789606081/?random=1674748350576&cv=11&fst=1674748350576&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=40OqCK-Ap4ECEMHdwfgC&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&oid=687302&value=%2446.19>m_ee=1&ec_m=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)*BDO%3Atrue%3A15%3Afalse*1&ec_sel=body%3E%3Anth-child(5)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(1)%3E%3Anth-child(3)%3E%3Anth-child(2)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(1)%3E%3Anth-child(2)%3E%3Anth-child(1)&ec_meta=BDO%3Atrue%3A15%3Afalse&ec_lat=2&ec_s=1&auid=1627659480.1674748351&ec_mode=a&data=event%3Dconversion&em=tv.1~em.i4pkbLwdpEskfbP_RWpnrrA_BaNVg03PGJ_jzOOx7LM&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1674748350564&cv=11&fst=1674748350564&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1627659480.1674748351&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.66200 OK 934 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/789606081/?random=1674748350564&cv=11&fst=1674748350564&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1627659480.1674748351&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (1991), with no line terminators
Hash 361ae320027c112bf5d2ca2bb676a997
3f169e180a053ba08c8c05fece079df05fe16580
1dc47b693f6c1de88ee20a8c5e7b6b749843d1477f576c2f66dd6f617b110f47
GET /pagead/viewthroughconversion/789606081/?random=1674748350564&cv=11&fst=1674748350564&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&auid=1627659480.1674748351&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 15:52:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 934
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 16:07:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 12 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A82F11C2354045F6B6D59D7B80A5B4B0 Ref B: OSL30EDGE0317 Ref C: 2023-01-26T15:52:31Z
date: Thu, 26 Jan 2023 15:52:31 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a5180c4392eaa1690c37dfad052a3a59
445d80e342387d74e27f6890b5f69ab1d53bfef4
1649195d1f4f0eb002b3c67f7c1943bdc4ae9380939b4f9c0eac7ffb16a3b78c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5641
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Last-Modified: Thu, 26 Jan 2023 14:18:30 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e53b1d8b1f244c97e073382328e5c650
d1933a186c3b5351a8539f18e3f4f74237aefccc
2b3e14ffcd8e42c946fc8a66a44a97e543849ac1fd3fdefd85f774c86839716e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a0c08a6df039f3e8d7ca7cc829edb245
9685b208355e23d8cb5dc3b890e89fcda5848ee2
36cfc6d24e4756965561c514e48a13879c950142eb6f123b0cfc529609e00dc3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:52:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 15:37:47 GMT
Expires: Thu, 02 Feb 2023 15:37:46 GMT
Etag: "9685b208355e23d8cb5dc3b890e89fcda5848ee2"
Cache-Control: max-age=603314,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fa6a8f2b3b0b69-OSL
cdn.shopify.com/shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js
23.227.60.200200 OK 83 kB URL HTTP/2 cdn.shopify.com/shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (32768)
Hash 7be76b085b3f67b598482930fb681df1
cc8855727bfcffc7dc0983f2876268554c9308f9
120834296e66076a3ce163018bafc6c20ea3f68a43685de8b9c6269d0a730f01
GET /shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://checkout.shopify.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:30 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/checkout/esnext/sandboxed_services-00fe4e1da267cb8ce9e2e0b5f9d3a6f92c7c7fd06aad1d2a09b91e58075b3f20.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: c440c1f8-4f18-42db-94a6-5a1f76e3a501
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Fri, 26 Aug 2022 05:10:36 GMT
cf-cache-status: HIT
age: 13257713
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0KPsjJkw1JHkOK6sK46kT%2Fguy2cXm%2B8onVOFw1h3J82B4S4al4YTk94Jjgb1PGRA8qBqxn0qARb5h%2Fieb3k5lo1Sk4cFz9EbrrYSA5P1sUS5ChBbjwSbM32kLhbO3ycaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=46.589, imageryFetch;dur=46.429, cfRequestDuration;dur=13.999939
server: cloudflare
cf-ray: 78fa6a878f96b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/789606081/?random=1674748350740&cv=11&fst=1674748350740&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1627659480.1674748351&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/789606081/?random=1674748350740&cv=11&fst=1674748350740&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1627659480.1674748351&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/789606081/?random=1674748350740&cv=11&fst=1674748350740&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1627659480.1674748351&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 15:52:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/789606081/?random=1674748350740&cv=11&fst=1674748350740&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1627659480.1674748351&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
44.228.85.26/is
44.228.85.26200 OK 32 B IP 44.228.85.26:0
File type ASCII text, with no line terminators
Hash 2ae12190d7c53800fa46eb571ab48194
6672cc8bd52fe8fb85b532668afc74bce1c626de
7d3aa2ef1ed84a2e451d932b4f33c588aa056f1fb7c611fc908513c125733a2f
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 44.228.85.26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 26 Jan 2023 15:52:31 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8127133a6d1c10ce4e3cbf6028b3e555
ce62fc282eee1a28e8bff5bd677cb0a63edea598
a411d44ecbe5c57bc81fca6c3c80a8de98cf82594bdb84dbef6e541e4df8d347
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5079
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Last-Modified: Thu, 26 Jan 2023 14:27:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash dda854cb90cda40c6a6dbc19eb186eca
0d23775c5af739aac0a41844d09c704ab850a1bd
7c432d209fcf9dde0ca59bf93f76526d98aab474041f19b2d6fe79942ed3a7e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 04cb7fc8b1e2a65a0b198cc53eb5e5cd
6d04611612d81108e856467f0e4b0479cbb37d33
1c745d8ace7ea6f8e5d7da5e9c067b7b3427ce9c5a5e2c5c35d1c345266de518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.css?widget_version=2022-10-06_07-58-33
95.101.97.70200 OK 40 kB URL HTTP/2 staticw2.yotpo.com/e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.css?widget_version=2022-10-06_07-58-33
IP 95.101.97.70:0
File type ASCII text, with very long lines (65423)
Hash 99057d0c6591036eac20884700cea1cc
3f6dfd2ea6da5697f67d8dfb724a47173b7dc591
f03feb9859fa06e78526e7c0485e5b845f952cafad3e626b465e9936a39df9e5
GET /e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds/widget.css?widget_version=2022-10-06_07-58-33 HTTP/1.1
Host: staticw2.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
status: 200 OK
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: br
etag: W/"99057d0c6591036eac20884700cea1cc"
x-request-id: 7afe4bdaf83fbf07c4394b687dc7b39a
x-runtime: 0.126072
access-control-allow-headers: *
content-length: 39591
cache-control: public, max-age=5194
date: Thu, 26 Jan 2023 15:52:32 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=5
env: PRODUCTION
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
54.230.111.85200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
IP 54.230.111.85:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 730971b89ffa8b99e4157f49a4275594
7041ce872cc30e32c6b04a958b0cf810e5fc5651
da09da5b55ce65cdb58f29842d654aa637580d8c4d5d3cddfa08de6d866dcf65
GET /box-ff00c703c3bbdf54ae44ee858d64f69e.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 18 Jan 2023 10:13:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "730971b89ffa8b99e4157f49a4275594"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vjv-5GnMHXO38PGDMU_96bIsdzPe6ga08H1zIBxoYRpOMaF7YvS_xg==
age: 711566
X-Firefox-Spdy: h2
35.85.84.151/is
35.85.84.151200 OK 32 B IP 35.85.84.151:0
File type ASCII text, with no line terminators
Hash 63ce42bd0e2119a1b2a668f872a576db
729980991eac24582a8828d768077fbb94232032
c9a825f127c6798a3f339e610bb24e3547b316805469a38246eda8f28423cc38
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 35.85.84.151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 26 Jan 2023 15:52:32 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 810bf2bf9f302d0a65b1e0b447b549ef
d6ddcc1e64a1392f5942c0fc45864a282a93854e
f61096b63e6f62872d6d30aac7671c72403bba82f4f5c555add8e0997675f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9393434-7&cid=1818172800.1674748352&jid=1651088348&gjid=1910389145&_gid=609958806.1674748352&_u=YEBAAEAAAAAAACAAI~&z=1172687509
173.194.221.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9393434-7&cid=1818172800.1674748352&jid=1651088348&gjid=1910389145&_gid=609958806.1674748352&_u=YEBAAEAAAAAAACAAI~&z=1172687509
IP 173.194.221.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9393434-7&cid=1818172800.1674748352&jid=1651088348&gjid=1910389145&_gid=609958806.1674748352&_u=YEBAAEAAAAAAACAAI~&z=1172687509 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://orgain.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 26 Jan 2023 15:52:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
checkout.shopify.com/7408320621/sandbox/google_maps?locale=en-US
23.227.38.33200 OK 1.4 kB URL HTTP/2 checkout.shopify.com/7408320621/sandbox/google_maps?locale=en-US
IP 23.227.38.33:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (318)
Hash 5680842a9f5127a37b05032ba9c8ca11
1925d00276e3ce07231eced984e60013529563fe
e806c2838bcf95d4f0fcec017ed6e310b3f25324731e98bf721247670ae387f6
GET /7408320621/sandbox/google_maps?locale=en-US HTTP/1.1
Host: checkout.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:30 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 108
x-sorting-hat-shopid: 7408320621
vary: Accept-Encoding
x-shopid: 7408320621
x-shardid: 108
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en-US
cache-control: no-cache
strict-transport-security: max-age=315569520; includeSubdomains
set-cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22USUSCA%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=shopify.com; path=/; expires=Fri, 27 Jan 2023 15:52:30 GMT; SameSite=Lax
_orig_referrer=https%3A%2F%2Forgain.com%2F; Expires=Thu, 09-Feb-23 15:52:30 GMT; Domain=shopify.com; Path=/; HttpOnly; SameSite=Lax
_landing_page=%2F7408320621%2Fsandbox%2Fgoogle_maps%3Flocale%3Den-US; Expires=Thu, 09-Feb-23 15:52:30 GMT; Domain=shopify.com; Path=/; HttpOnly; SameSite=Lax
_y=6110ced4-0c9f-4722-a8de-9db3a1ab1bfe; Expires=Fri, 26-Jan-24 15:52:30 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_s=3d429d73-2756-4b76-8f62-2e1e5a48c1e9; Expires=Thu, 26-Jan-23 16:22:30 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_shopify_y=6110ced4-0c9f-4722-a8de-9db3a1ab1bfe; Expires=Fri, 26-Jan-24 15:52:30 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_shopify_s=3d429d73-2756-4b76-8f62-2e1e5a48c1e9; Expires=Thu, 26-Jan-23 16:22:30 GMT; Domain=shopify.com; Path=/; SameSite=Lax
x-shopify-stage: production
content-security-policy: frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=google_maps&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=ea425a73-88f8-4b28-9c82-834bdf567eed
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=google_maps&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=ea425a73-88f8-4b28-9c82-834bdf567eed
x-dc: gcp-europe-north1,gcp-us-east1,gcp-us-east1
x-request-id: ea425a73-88f8-4b28-9c82-834bdf567eed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od34fSSQIVIXY4mGpXo28OcYuvojV9KrSlick3E14Akfs88EXnkhGvoOE83B2M5WE4hbAkgwfO%2FbVoLXYyKkbF7eAZvpAr5K%2FWfoqQ42OCMcyF9ywlBdLsctPV0AfIqPgWAJB%2Bs5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=273.999929
server: cloudflare
cf-ray: 78fa6a85ae47b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.yotpo.com/conversion_tracking?app_key=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&v=1
34.204.249.170200 OK 3.9 kB URL HTTP/2 api.yotpo.com/conversion_tracking?app_key=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&v=1
IP 34.204.249.170:0
Hash d24c5239fa1d905bd4e16eebd3f2572d
bf5e4fadaef1e39ea03c4dcb602653bbe99f0cad
ac0c1914dabfc78a94b27c93b94d020b8b20f06633529cc1525d2d58166f66ef
POST /conversion_tracking?app_key=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&v=1 HTTP/1.1
Host: api.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Content-type: application/x-www-form-urlencoded
Content-Length: 132
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:32 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-robots-tag: noindex
yotpo_parsed_request: {"format":"json","controller":"conversion_orders","action":"track_conversion"}
etag: W/"09ac17a5b7e908b8e907ec16392e1a99"
cache-control: max-age=0, private, must-revalidate
x-request-id: 6e0727a3201ceede6adf1d0d22fac9cc
x-runtime: 0.016246
access-control-allow-origin: https://orgain.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
x-ratelimit-remaining-minute: 4999
x-ratelimit-limit-minute: 5000
ratelimit-remaining: 4999
ratelimit-limit: 5000
ratelimit-reset: 28
correlation-id: f643969c-2905-4f20-acf4-99b5261f4dce
x-kong-upstream-latency: 20
x-kong-proxy-latency: 2
via: kong/2.1.4
X-Firefox-Spdy: h2
cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2022-12-06_09-10-14/bundle.js
95.101.97.70200 OK 16 kB URL HTTP/2 cdn-widgetsrepository.yotpo.com/widget-assets/yotpo-pixel/2022-12-06_09-10-14/bundle.js
IP 95.101.97.70:0
Hash d22a977c440faf770e1d39ff00a7e1cc
a4b75b39d414a670e9b97506dcb9dcbfebf92c8f
be1f12383f567dff924756d7586d9089c17d082ec3dc2411358ffd637f1f1cac
GET /widget-assets/yotpo-pixel/2022-12-06_09-10-14/bundle.js HTTP/1.1
Host: cdn-widgetsrepository.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: JnGljnG5MsUzlBtVQtVIwwdoYV30tM7s4Riy4hQdOkIVBWM1/xjwSdX01ZJYr5X8JLqJ6bbQrxo=
x-amz-request-id: E5E1TTDR6S6B3XQ2
last-modified: Tue, 06 Dec 2022 09:10:21 GMT
etag: "aaa4223431ceb8bf734e9e241fc39c89"
x-amz-version-id: Urn5iuJOxPwl9H.GMq9Oc7wRRb1DTuGc
accept-ranges: bytes
content-type: text/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 26 Jan 2024 15:52:32 GMT
date: Thu, 26 Jan 2023 15:52:32 GMT
content-length: 16306
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
142.250.74.106200 OK 4.9 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
IP 142.250.74.106:0
Hash 5db3448d8a92e16cc1f20126f171d419
6d2c58a8778e4465021d2a270bb88fcf4e34800b
43b1dffdd583a6fe11edd838da255a5fb732e6cce9b48e3dfc7c7b5e431ce9e4
GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 15:52:31 GMT
date: Thu, 26 Jan 2023 15:52:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn-widget-assets.yotpo.com/widgets-initializer/app.v0.2.0-3926.js
95.101.97.70200 OK 9.7 kB URL HTTP/2 cdn-widget-assets.yotpo.com/widgets-initializer/app.v0.2.0-3926.js
IP 95.101.97.70:0
File type ASCII text, with very long lines (21913)
Hash 5e76fcb1200132616bd531e13894683c
cd14da9c77d46aba52ced2822bfbb9ead805656c
9c45d18b77797983fbc362db37855d061e3b6049d4b31ef4337e0a143cbdfaa0
GET /widgets-initializer/app.v0.2.0-3926.js HTTP/1.1
Host: cdn-widget-assets.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: yzl+FUSEELOHuLpKS6ra6MwQMIs92/rtCRQ9f+hFpQZgOsZJVGP/y5mr2PiO7DngvtHO4aoT6J4=
x-amz-request-id: MWAX576YDW8KRGR8
last-modified: Sun, 15 Jan 2023 23:05:49 GMT
etag: "c392a1d5bc5dd47e69a5b3883ad56167"
x-amz-meta-s3cmd-attrs: atime:1673823948/ctime:1673823948/gid:117/gname:jenkins/md5:c392a1d5bc5dd47e69a5b3883ad56167/mode:33188/mtime:1673823948/uid:110/uname:jenkins
x-amz-version-id: gaI5_HZVXcKgdfsCLu7FIMLQEFHXBRDB
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=30748286
date: Thu, 26 Jan 2023 15:52:32 GMT
content-length: 9692
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=11000740&Ver=2&mid=70706316-00a3-4b7c-bcb1-d2ddb2cf5772&sid=7199ff109d9111edb14e5945a0637528&vid=719a0a809d9111edbc21138e00f3c243&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&r=<=3780&evt=pageLoad&sv=1&rn=61199
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=11000740&Ver=2&mid=70706316-00a3-4b7c-bcb1-d2ddb2cf5772&sid=7199ff109d9111edb14e5945a0637528&vid=719a0a809d9111edbc21138e00f3c243&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&r=<=3780&evt=pageLoad&sv=1&rn=61199
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=11000740&Ver=2&mid=70706316-00a3-4b7c-bcb1-d2ddb2cf5772&sid=7199ff109d9111edb14e5945a0637528&vid=719a0a809d9111edbc21138e00f3c243&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&p=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&r=<=3780&evt=pageLoad&sv=1&rn=61199 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=06A4161F19CF69AC217304BA18986846; domain=.bing.com; expires=Tue, 20-Feb-2024 15:52:32 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 015A2CE4987D4192A802C0D0451E11DD Ref B: OSL30EDGE0317 Ref C: 2023-01-26T15:52:32Z
date: Thu, 26 Jan 2023 15:52:32 GMT
X-Firefox-Spdy: h2
script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
54.230.111.93200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
IP 54.230.111.93:0
File type Unicode text, UTF-8 text, with very long lines (48015)
Hash e45ceb77c1a47254136f1ef733de65df
7cc640ca25ac5232038a02fbaf6d2677871ebaf0
25e950716f031b1000c0fc674457836b68ad60912f265f7efc190f6a93a71a2d
GET /modules.ea0a6d6a741d5de8308e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68675
date: Fri, 20 Jan 2023 11:10:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e45ceb77c1a47254136f1ef733de65df"
last-modified: Fri, 20 Jan 2023 11:09:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lhoy15Qa9R-sI47SrKkqvQFi8mOm0LRubO7uo_v-50fqTgLCWKaxkw==
age: 535347
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6535ae9529ced8e4fe9cab67dbfbcd06
cd8a01acf3cc5ba2797073d284f5d2f03965ea23
ac898dcf507ac6aea5bed267e6b94e2e187b3255d12f13b6dc7a983547727518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6535ae9529ced8e4fe9cab67dbfbcd06
cd8a01acf3cc5ba2797073d284f5d2f03965ea23
ac898dcf507ac6aea5bed267e6b94e2e187b3255d12f13b6dc7a983547727518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6535ae9529ced8e4fe9cab67dbfbcd06
cd8a01acf3cc5ba2797073d284f5d2f03965ea23
ac898dcf507ac6aea5bed267e6b94e2e187b3255d12f13b6dc7a983547727518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6535ae9529ced8e4fe9cab67dbfbcd06
cd8a01acf3cc5ba2797073d284f5d2f03965ea23
ac898dcf507ac6aea5bed267e6b94e2e187b3255d12f13b6dc7a983547727518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/11000740.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/11000740.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/11000740.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F605CEF51774EB098B7A8CFF12F2E49 Ref B: OSL30EDGE0317 Ref C: 2023-01-26T15:52:32Z
date: Thu, 26 Jan 2023 15:52:32 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6535ae9529ced8e4fe9cab67dbfbcd06
cd8a01acf3cc5ba2797073d284f5d2f03965ea23
ac898dcf507ac6aea5bed267e6b94e2e187b3255d12f13b6dc7a983547727518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/789606081/?random=1674748350740&cv=11&fst=1674748350740&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1627659480.1674748351&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/789606081/?random=1674748350740&cv=11&fst=1674748350740&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1627659480.1674748351&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/789606081/?random=1674748350740&cv=11&fst=1674748350740&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&label=U5evCMTMoL8DEMHdwfgC&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&hn=www.google.com&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc>m_ee=1&auid=1627659480.1674748351&data=event%3Dpage_view%3Bpage_path%3D%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 15:52:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 84aa7c8be13b76b423962ff1e09fa898
41f2bef03fd40e0b951f08b1fdf4167c57bb401a
e70b8e1b743a4cdc869db007de9cf58ddc56ec5b0041022f5fea7c96cb446d90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6129
Cache-Control: max-age=85444
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:32 GMT
Etag: "63d13493-1d7"
Expires: Fri, 27 Jan 2023 15:36:36 GMT
Last-Modified: Wed, 25 Jan 2023 13:54:27 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9393434-7&cid=1818172800.1674748352&jid=1651088348&_u=YEBAAEAAAAAAACAAI~&z=8620349
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9393434-7&cid=1818172800.1674748352&jid=1651088348&_u=YEBAAEAAAAAAACAAI~&z=8620349
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9393434-7&cid=1818172800.1674748352&jid=1651088348&_u=YEBAAEAAAAAAACAAI~&z=8620349 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 15:52:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/789606081/?random=1674748350564&cv=11&fst=1674745200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=284743141&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/789606081/?random=1674748350564&cv=11&fst=1674745200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=284743141&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/789606081/?random=1674748350564&cv=11&fst=1674745200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=284743141&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 15:52:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/825569394/?random=1674748350660&cv=11&fst=1674745200000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&data=event%3Decomm_prodid&fmt=3&is_vtc=1&random=2965284751&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/825569394/?random=1674748350660&cv=11&fst=1674745200000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&data=event%3Decomm_prodid&fmt=3&is_vtc=1&random=2965284751&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/825569394/?random=1674748350660&cv=11&fst=1674745200000&bg=ffffff&guid=ON&async=1>m=2wg1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&tiba=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&data=event%3Decomm_prodid&fmt=3&is_vtc=1&random=2965284751&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 15:52:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.tvpixel.com/js/current/dpm_pixel_min.js?aid=vdx-orgain-dc7b56f7-7ee8-4119-aea0-94be6037f5f1
54.230.111.73200 OK 32 kB URL HTTP/2 c.tvpixel.com/js/current/dpm_pixel_min.js?aid=vdx-orgain-dc7b56f7-7ee8-4119-aea0-94be6037f5f1
IP 54.230.111.73:0
File type ASCII text, with very long lines (60150)
Hash 2525ef9e58f5fbdb8d679114d1935fbe
ef4a972c1b49b51a195baf7a3810b5697e461708
a6eb458142f2829fdc1adf15d8af74cf4ad0585022459be8cb685bb630960570
GET /js/current/dpm_pixel_min.js?aid=vdx-orgain-dc7b56f7-7ee8-4119-aea0-94be6037f5f1 HTTP/1.1
Host: c.tvpixel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
server: AmazonS3
content-encoding: gzip
date: Wed, 25 Jan 2023 20:58:26 GMT
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ak7IeOXVvExQkHSFLwRbEYSSyDMf7qzMvajcH18DLkK_czzlFKiCEQ==
age: 68052
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6535ae9529ced8e4fe9cab67dbfbcd06
cd8a01acf3cc5ba2797073d284f5d2f03965ea23
ac898dcf507ac6aea5bed267e6b94e2e187b3255d12f13b6dc7a983547727518
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ct.pinterest.com/user/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1674748352808&dep=2%2CPAGE_LOAD
2.18.172.195200 OK 380 B URL HTTP/2 ct.pinterest.com/user/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1674748352808&dep=2%2CPAGE_LOAD
IP 2.18.172.195:0
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash 509f9f17664ea845ece0a38f0f7a70bf
849d5513fa36d2441b3325575ff2d074594e1591
4869150f10b5577c79966bc43ba24d1d9e7b2bb8cb89964263015cb7dae9a9e8
GET /user/?tid=2613712472924&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1674748352808&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVlXSmlObVZsTWpRdFpHUmxaUzAwTXpVMUxUZzFZMk10WlRFd09EVmpNems1WlRFMQ
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://orgain.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 380
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1639640869291984
date: Thu, 26 Jan 2023 15:52:32 GMT
vary: Accept-Encoding
akamai-grn: 0.540a655f.1674748352.e91f332
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false
54.228.71.178200 OK 19 kB URL HTTP/1.1 mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false
IP 54.228.71.178:0
File type ASCII text, with very long lines (1056)
Hash 8ac78a0c4492d20e81c059309614e5fe
636369ec4e3305bc9399c0136ea9c4532a22fdf4
09cf21701a4049d215e0e464aaeb14a8c7c0a4e8f32c44093ca37c841174a56a
GET /general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=true&flash=false HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Jan 2023 15:52:32 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=HThIXuhCn0Y3KlQ6V+VZ9qk4amzUpn/k+3/NMESYedc=;Path=/;Expires=Fri, 26-Jan-2024 15:52:32 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash bf4cd19082699c0a6eece4caaf984f1b
c372c0c675d3e8c8debd258d087c42785a90b2ff
ec77b31debd1caa7bef8546d6412a80ccfacec04a4582902e26b2fffc4c950b1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105752
Date: Thu, 26 Jan 2023 15:52:32 GMT
Etag: "63d1917a-1d7"
Expires: Fri, 27 Jan 2023 21:15:04 GMT
Last-Modified: Wed, 25 Jan 2023 20:30:50 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HATUC6P6WL9gT7KLW0_E1mAo5wrHXCTTD8o-vQQ2KCDK5-158R0Ciw==
Age: 2654
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash bf4cd19082699c0a6eece4caaf984f1b
c372c0c675d3e8c8debd258d087c42785a90b2ff
ec77b31debd1caa7bef8546d6412a80ccfacec04a4582902e26b2fffc4c950b1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106890
Date: Thu, 26 Jan 2023 15:52:32 GMT
Etag: "63d1917a-1d7"
Expires: Fri, 27 Jan 2023 21:34:02 GMT
Last-Modified: Wed, 25 Jan 2023 20:30:50 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aPH5XfdBzAuETj6syEl0lQ7YBR47cTQjBCO7sDJZ8qIW4PxAcYoz4g==
Age: 3792
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1674748351826&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1674748351826&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1655794&time=1674748351826&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1674748351826%26url%3Dhttps%253A%252F%252Forgain.com%252F7408320621%252Forders%252F6e4a4a183201fc46f1496c922f543fbc%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIbsGEZeiMwQgAAAYXux9meDu9x6L_YZyvcUyFSzADNEXtRB0qN4pvNHKj4wqt2-SHy_M-fuD24Qg; Max-Age=2592000; Expires=Sat, 25 Feb 2023 15:52:32 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLT5Uc8eaxT1QAAAYXux9me1iRDY4RhtkJvP4PcgxV2asshiJp4pk06MU84DSnzmoSuuyIH-9zc9Qjpwbf0UA; Max-Age=2592000; Expires=Sat, 25 Feb 2023 15:52:32 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&15c0af8a-2274-4bf4-878d-6167d79f0ea8"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 26-Jan-2024 15:52:32 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2421:u=1:x=1:i=1674748352:t=1674834752:v=2:sig=AQFeB34Ejd1laWZeL6deGHeR9rteaZ42"; Expires=Fri, 27 Jan 2023 15:52:32 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzLLyp/Yoylx/Sq9jkFg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 173D433547AE4F1AB7D1E55D3D060871 Ref B: OSL30EDGE0220 Ref C: 2023-01-26T15:52:32Z
date: Thu, 26 Jan 2023 15:52:32 GMT
content-length: 0
X-Firefox-Spdy: h2
p.yotpo.com/i?e=tr&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&tr_id=4612456874093&tr_tt=46.19&tr_cu=USD&dtm=1674748352554&tid=892488&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
3.66.109.71200 OK 35 B URL HTTP/2 p.yotpo.com/i?e=tr&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&tr_id=4612456874093&tr_tt=46.19&tr_cu=USD&dtm=1674748352554&tid=892488&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
IP 3.66.109.71:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /i?e=tr&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&tr_id=4612456874093&tr_tt=46.19&tr_cu=USD&dtm=1674748352554&tid=892488&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:33 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=d9e5f960-96b1-4aff-629d-573fd2b5745d; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Fri, 27 Jan 2023 15:52:33 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
p.yotpo.com/i?e=pv&page=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&cx=eyJwdl91dWlkIjo2NzQ0OTMzNzV9&dtm=1674748352076&tid=913833&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
3.66.109.71200 OK 35 B URL HTTP/2 p.yotpo.com/i?e=pv&page=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&cx=eyJwdl91dWlkIjo2NzQ0OTMzNzV9&dtm=1674748352076&tid=913833&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
IP 3.66.109.71:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /i?e=pv&page=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&se_va=e6Qhu0U3Y8BNEXZklU8D93LeAiowhYVAw08hi5Ds&cx=eyJwdl91dWlkIjo2NzQ0OTMzNzV9&dtm=1674748352076&tid=913833&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.2&fp=3963981668&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:33 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=09527001-a06e-4abe-5233-a01d5dc04fe5; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Fri, 27 Jan 2023 15:52:33 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=1818172800.1674748352&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221818172800.1674748352%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%221818172800.1674748352%22%2C%22dcm_gid%22%3A%22609958806.1674748352%22%2C%22mntnis%22%3A%22h%2FzzlTRDPneHmULhJrFqQafhQitxncpY%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1818172800.1674748352&dcm_gid=609958806.1674748352&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=32991108605169172term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302
35.81.173.170200 OK 1.2 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=1818172800.1674748352&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221818172800.1674748352%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%221818172800.1674748352%22%2C%22dcm_gid%22%3A%22609958806.1674748352%22%2C%22mntnis%22%3A%22h%2FzzlTRDPneHmULhJrFqQafhQitxncpY%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1818172800.1674748352&dcm_gid=609958806.1674748352&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=32991108605169172term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302
IP 35.81.173.170:0
File type ASCII text, with very long lines (2341)
Hash 00d4497490609c8db5da1e2f54f6131d
882d09fa46d8dff39ac486e6beb950e279f6aba6
8fb321f6eebe97a1c43c3f96f1f84b5e00b437926a75af8d4373a2e1716b0640
GET /st?ga_tracking_id=UA-9393434-7&ga_client_id=1818172800.1674748352&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221818172800.1674748352%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%221818172800.1674748352%22%2C%22dcm_gid%22%3A%22609958806.1674748352%22%2C%22mntnis%22%3A%22h%2FzzlTRDPneHmULhJrFqQafhQitxncpY%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1818172800.1674748352&dcm_gid=609958806.1674748352&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=32991108605169172term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 26 Jan 2023 15:52:32 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=7229e3e2-9d91-11ed-9cbc-8d0fc7313cca;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
transfer-encoding: chunked
px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=1818172800.1674748352&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221818172800.1674748352%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%221818172800.1674748352%22%2C%22dcm_gid%22%3A%22609958806.1674748352%22%2C%22mntnis%22%3A%22KgBDN7YuexQ20c7zQXJkuQU73GSHu5Yx%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A6%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1818172800.1674748352&dcm_gid=609958806.1674748352&conv=1&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=28509723367311100&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302
35.81.173.170200 OK 48 kB URL HTTP/1.0 px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=1818172800.1674748352&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221818172800.1674748352%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%221818172800.1674748352%22%2C%22dcm_gid%22%3A%22609958806.1674748352%22%2C%22mntnis%22%3A%22KgBDN7YuexQ20c7zQXJkuQU73GSHu5Yx%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A6%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1818172800.1674748352&dcm_gid=609958806.1674748352&conv=1&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=28509723367311100&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302
IP 35.81.173.170:0
File type gzip compressed data, last modified: Wed Jan 25 15:31:28 2023, max compression\012- data
Hash 068dd8158b8123dd25affbc23ed4c760
8061ffcf09638478a5222f86d137d991655c5cce
d1ff2fd7ed45f85cc174d1451daa8723d69c2971c007c7ca51ec9437731eb479
GET /st?ga_tracking_id=UA-9393434-7&ga_client_id=1818172800.1674748352&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221818172800.1674748352%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%221818172800.1674748352%22%2C%22dcm_gid%22%3A%22609958806.1674748352%22%2C%22mntnis%22%3A%22KgBDN7YuexQ20c7zQXJkuQU73GSHu5Yx%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A6%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1818172800.1674748352&dcm_gid=609958806.1674748352&conv=1&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&cb=28509723367311100&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.0 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript;charset=utf-8
P3P: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cdn-widget-assets.yotpo.com/widget-vue-core/app.v0.1.0-2295.js
95.101.97.70200 OK 31 kB URL HTTP/2 cdn-widget-assets.yotpo.com/widget-vue-core/app.v0.1.0-2295.js
IP 95.101.97.70:0
File type ASCII text, with very long lines (59999)
Hash 741dd11639cd2d7e4b8bdc75f3c91864
907dd5e8a28b44ba9fef5396db520c705c2d7916
f1c734697f023825beb42b05ed217cec47a0277696f2cf98a20eea9ebc292936
GET /widget-vue-core/app.v0.1.0-2295.js HTTP/1.1
Host: cdn-widget-assets.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: uWhhGh397ZknQEUHs4qMa88hxQY/ajHSiJEv48XAZ8nKnW8Lm2S3CiYUK/6SmEC7WZSndLFDvnI=
x-amz-request-id: HJTTJJAK6YZ7A6T6
last-modified: Tue, 06 Apr 2021 12:10:26 GMT
etag: "220f903f69b847cfd23909ae14383e02"
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1617711025/atime:1617711025/md5:220f903f69b847cfd23909ae14383e02/ctime:1617711025
x-amz-version-id: fY_wU7pb9WVcpu8EpZNT4SU_Q1qtQ1rW
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 26 Jan 2023 15:52:33 GMT
content-length: 30692
X-Firefox-Spdy: h2
mpsnare.iesnare.com/5.5.0/logo.js
54.228.71.178200 OK 419 B URL HTTP/1.1 mpsnare.iesnare.com/5.5.0/logo.js
IP 54.228.71.178:0
File type ASCII text, with very long lines (377)
Hash a98054cb3e8be976065a95e8ef7a1b6c
f8934a905058b5579644f78c8c5141255da4244f
2bdda3dd480fab0f86f4f23c3734b2f56f28a1b7e338b5785887b9fbd1bfda59
GET /5.5.0/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Jan 2023 15:52:33 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Fri, 26 Jan 2024 15:52:33 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
mpsnare.iesnare.com/time.mp3?nocache=0.04011080101694231
54.228.71.178206 Partial Content 504 B URL HTTP/1.1 mpsnare.iesnare.com/time.mp3?nocache=0.04011080101694231
IP 54.228.71.178:0
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash cfe47da3367b896cf8fe9d23144e6294
5eb28e56c71ce7e851b99b4d90b4091e3090243a
2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
GET /time.mp3?nocache=0.04011080101694231 HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://orgain.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Thu, 26 Jan 2023 15:52:33 GMT
Content-Type: audio/mpeg
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
www.facebook.com/tr/?id=1045006588919000&ev=PageView&dl=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&rl=&if=false&ts=1674748353016&sw=1280&sh=1024&udff[em]=8b8a646cbc1da44b247db3ff456a67aeb03f05a355834dcf189fe3cce3b1ecb3&udff[fn]=927a3aed189d610b2e151c4208913b3ed0cb38f6be613756819b1513c8924d7f&udff[ln]=5bfd46bdedac5793ead6e609c78ba83e54114a651cbfc366c63aa54faff28a40&v=2.9.94&r=stable&ec=0&o=2078&fbp=fb.1.1674748353015.208709284&it=1674748352047&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1045006588919000&ev=PageView&dl=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&rl=&if=false&ts=1674748353016&sw=1280&sh=1024&udff[em]=8b8a646cbc1da44b247db3ff456a67aeb03f05a355834dcf189fe3cce3b1ecb3&udff[fn]=927a3aed189d610b2e151c4208913b3ed0cb38f6be613756819b1513c8924d7f&udff[ln]=5bfd46bdedac5793ead6e609c78ba83e54114a651cbfc366c63aa54faff28a40&v=2.9.94&r=stable&ec=0&o=2078&fbp=fb.1.1674748353015.208709284&it=1674748352047&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1045006588919000&ev=PageView&dl=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&rl=&if=false&ts=1674748353016&sw=1280&sh=1024&udff[em]=8b8a646cbc1da44b247db3ff456a67aeb03f05a355834dcf189fe3cce3b1ecb3&udff[fn]=927a3aed189d610b2e151c4208913b3ed0cb38f6be613756819b1513c8924d7f&udff[ln]=5bfd46bdedac5793ead6e609c78ba83e54114a651cbfc366c63aa54faff28a40&v=2.9.94&r=stable&ec=0&o=2078&fbp=fb.1.1674748353015.208709284&it=1674748352047&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Jan 2023 15:52:33 GMT
X-Firefox-Spdy: h2
mpsnare.iesnare.com/star
54.228.71.178101 Switching Protocols 0 B IP 54.228.71.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://orgain.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xEeCAuaBjCYPoq06GqKF9A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Thu, 26 Jan 2023 15:52:33 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: 9UoyywCUAk96HwJg8veEXmEVP2U=
Upgrade: WebSocket
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1674748351826%26url%3Dhttps%253A%252F%252Forgain.com%252F7408320621%252Forders%252F6e4a4a183201fc46f1496c922f543fbc%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1674748351826%26url%3Dhttps%253A%252F%252Forgain.com%252F7408320621%252Forders%252F6e4a4a183201fc46f1496c922f543fbc%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1655794%26time%3D1674748351826%26url%3Dhttps%253A%252F%252Forgain.com%252F7408320621%252Forders%252F6e4a4a183201fc46f1496c922f543fbc%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1674748351826&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&3c0e1e75-daa2-4817-8933-45c71508164d"; Domain=.linkedin.com; Expires=Fri, 26-Jan-2024 15:52:33 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230126155233a161d5ce-109d-4f4b-8896-46ca5b9223c2AQFuPWe4L2aPHCPpd77HJgj1DiI14OjT"; Domain=.www.linkedin.com; Expires=Fri, 26-Jan-2024 15:52:33 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzQ3NDgzNTM7MjswMjGTBRs7jSDtfZU/c36x98SbaP+saRbuFwJrCzquPaidvw==; Domain=.linkedin.com; Expires=Tue, 25 Jul 2023 15:52:33 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2421:u=1:x=1:i=1674748353:t=1674834753:v=2:sig=AQEnvFdIN5C76WsVeTJ8U0XqcaFWa3AL"; Expires=Fri, 27 Jan 2023 15:52:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzLLyvixr8sMwSTLF6wg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D7C698218B23445285E6E9988BD540E3 Ref B: OSL30EDGE0220 Ref C: 2023-01-26T15:52:33Z
date: Thu, 26 Jan 2023 15:52:32 GMT
content-length: 0
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
216.58.207.227200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 216.58.207.227:0
File type gzip compressed data, max compression\012- data
Hash bd8b50c980ae1d095ae9fb45008f22cb
b60cb216a3bd4e08514b42677c3ebda0303963f9
46acf87ee3c4be4dd2065b94f43d0cda2560359cf990cd4b41422682ddd24af0
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 07:46:38 GMT
expires: Fri, 26 Jan 2024 07:46:38 GMT
cache-control: public, max-age=31536000
age: 29155
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
216.58.207.227200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
IP 216.58.207.227:0
Hash f1f8a5d90f7a8e531116b5c2d0189282
0fdf5f239f2635b06aafd4d862c5e38b4eff8508
49c6b6b8f8aa1f887b68faff833607f64c71d3d1d657a0567224f8f5b87fc614
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 10:14:57 GMT
expires: Thu, 25 Jan 2024 10:14:57 GMT
cache-control: public, max-age=31536000
age: 106656
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p.yotpo.com/i?e=se&se_ca=referral-widget-page&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJ0aW1lX2Zyb21fcGFnZV9zdGFydCI6NjY3OSwidGltZV9mcm9tX2luaXRfc3RhcnQiOjUyMywic2Vzc2lvbl9pZCI6ImI3MDg4NTUzLTg2MGMtNDM2YS05NTE5LTYwNWViN2YyNjJiZCIsInNlcXVlbmNlIjoiMCIsIndpZGdldF9pbnN0YW5jZV9pZCI6IjI3NjUxIiwid2lkZ2V0X2luc3RhbmNlX3ZlcnNpb25faWQiOiI2OTczMDY3IiwiaXNfbW9iaWxlIjpmYWxzZSwiY3VzdG9tZXJfaWQiOjAsImlzX3BvcHVwIjp0cnVlfQ&dtm=1674748353335&tid=429947&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
3.66.109.71200 OK 35 B URL HTTP/2 p.yotpo.com/i?e=se&se_ca=referral-widget-page&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJ0aW1lX2Zyb21fcGFnZV9zdGFydCI6NjY3OSwidGltZV9mcm9tX2luaXRfc3RhcnQiOjUyMywic2Vzc2lvbl9pZCI6ImI3MDg4NTUzLTg2MGMtNDM2YS05NTE5LTYwNWViN2YyNjJiZCIsInNlcXVlbmNlIjoiMCIsIndpZGdldF9pbnN0YW5jZV9pZCI6IjI3NjUxIiwid2lkZ2V0X2luc3RhbmNlX3ZlcnNpb25faWQiOiI2OTczMDY3IiwiaXNfbW9iaWxlIjpmYWxzZSwiY3VzdG9tZXJfaWQiOjAsImlzX3BvcHVwIjp0cnVlfQ&dtm=1674748353335&tid=429947&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
IP 3.66.109.71:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /i?e=se&se_ca=referral-widget-page&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJ0aW1lX2Zyb21fcGFnZV9zdGFydCI6NjY3OSwidGltZV9mcm9tX2luaXRfc3RhcnQiOjUyMywic2Vzc2lvbl9pZCI6ImI3MDg4NTUzLTg2MGMtNDM2YS05NTE5LTYwNWViN2YyNjJiZCIsInNlcXVlbmNlIjoiMCIsIndpZGdldF9pbnN0YW5jZV9pZCI6IjI3NjUxIiwid2lkZ2V0X2luc3RhbmNlX3ZlcnNpb25faWQiOiI2OTczMDY3IiwiaXNfbW9iaWxlIjpmYWxzZSwiY3VzdG9tZXJfaWQiOjAsImlzX3BvcHVwIjp0cnVlfQ&dtm=1674748353335&tid=429947&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:33 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=4a90be77-82f4-416e-7c16-2fdbbf136ece; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Fri, 27 Jan 2023 15:52:33 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
p.yotpo.com/i?e=se&se_ca=checkout-redemptions-widget&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJzZXNzaW9uX2lkIjoiZTJjN2ZhOGItZTY0ZS00N2JmLWEwMDUtMjViMzBhN2I3NzVjIiwic2VxdWVuY2UiOiIwIiwid2lkZ2V0X2luc3RhbmNlX2lkIjoiMjc2NTIiLCJpbnN0YW5jZV92ZXJzaW9uX2lkIjoiMTA2MzEwOTIiLCJpc19tb2JpbGUiOmZhbHNlLCJjaGVja291dF9pZCI6bnVsbCwiY2FydF9zdWJ0b3RhbCI6bnVsbCwiY3VzdG9tZXJfaWQiOm51bGx9&dtm=1674748353229&tid=655592&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
3.66.109.71200 OK 650 B URL HTTP/2 p.yotpo.com/i?e=se&se_ca=checkout-redemptions-widget&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJzZXNzaW9uX2lkIjoiZTJjN2ZhOGItZTY0ZS00N2JmLWEwMDUtMjViMzBhN2I3NzVjIiwic2VxdWVuY2UiOiIwIiwid2lkZ2V0X2luc3RhbmNlX2lkIjoiMjc2NTIiLCJpbnN0YW5jZV92ZXJzaW9uX2lkIjoiMTA2MzEwOTIiLCJpc19tb2JpbGUiOmZhbHNlLCJjaGVja291dF9pZCI6bnVsbCwiY2FydF9zdWJ0b3RhbCI6bnVsbCwiY3VzdG9tZXJfaWQiOm51bGx9&dtm=1674748353229&tid=655592&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc
IP 3.66.109.71:0
File type gzip compressed data, max compression\012- data
Hash 329e5c223714252a5257507a7499cf2f
11bf71210851007ba2bea3b513301ce1f5e07a43
c5f228021662aefeac13e97d292a8cc0ddc3af2ca30c089869e8e6331f7dee3c
GET /i?e=se&se_ca=checkout-redemptions-widget&se_ac=loaded&se_va=nrMQniDgXcFzSiDLTJlYSA&cx=eyJzZXNzaW9uX2lkIjoiZTJjN2ZhOGItZTY0ZS00N2JmLWEwMDUtMjViMzBhN2I3NzVjIiwic2VxdWVuY2UiOiIwIiwid2lkZ2V0X2luc3RhbmNlX2lkIjoiMjc2NTIiLCJpbnN0YW5jZV92ZXJzaW9uX2lkIjoiMTA2MzEwOTIiLCJpc19tb2JpbGUiOmZhbHNlLCJjaGVja291dF9pZCI6bnVsbCwiY2FydF9zdWJ0b3RhbCI6bnVsbCwiY3VzdG9tZXJfaWQiOm51bGx9&dtm=1674748353229&tid=655592&vp=1280x939&ds=1268x1391&vid=1&duid=4cbfb3d69fcbe1b2&p=web&tv=js-0.13.4&fp=3963981668&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&res=1280x1024&cd=24&cookie=1&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: p.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:33 GMT
content-type: image/gif
content-length: 35
server: nginx
set-cookie: pixel=3c3e9bf2-d59b-48bf-797b-9a8df3e0305d; Path=/; Domain=yotpo.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
expires: Fri, 27 Jan 2023 15:52:33 GMT
cache-control: max-age=86400, private
X-Firefox-Spdy: h2
gs.mountain.com/gs
34.212.4.35200 OK 144 B IP 34.212.4.35:0
File type ASCII text, with no line terminators
Hash 116c2f31919e8c58e211895be311fdfe
08a9fea971dc932d3c6cbc34bca0553a8db36838
ba4502d1b3ebe79c98cfc96bcae5ef7a66ece2a1afe5f5483452a3a1380736a5
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Cookie: guid=7229e3e2-9d91-11ed-9cbc-8d0fc7313cca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 26 Jan 2023 15:52:33 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1674748351826&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&liSync=true
13.107.42.14200 OK 171 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1655794&time=1674748351826&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 75483e5515ad1926f2b84a915a057134
6e86d1ff7047cfbf34ea9fc15f4f0884d82659ed
176ddd69e09850b37146e167d4d187539ab91baae012318aacb6744295a45b8d
GET /collect?v=2&fmt=js&pid=1655794&time=1674748351826&url=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&19f14248-1790-4f58-88b2-57d03c2e462e"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 26-Jan-2024 15:52:33 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2421:u=1:x=1:i=1674748353:t=1674834753:v=2:sig=AQEnvFdIN5C76WsVeTJ8U0XqcaFWa3AL"; Expires=Fri, 27 Jan 2023 15:52:33 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzLLy2vKn8sNNfl/EtwQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7B137F5049FE4FCE9BA90C794079438C Ref B: OSL30EDGE0220 Ref C: 2023-01-26T15:52:33Z
date: Thu, 26 Jan 2023 15:52:32 GMT
content-length: 0
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=1818172800.1674748352&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221818172800.1674748352%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%221818172800.1674748352%22%2C%22dcm_gid%22%3A%22609958806.1674748352%22%2C%22mntnis%22%3A%22h%2FzzlTRDPneHmULhJrFqQafhQitxncpY%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1818172800.1674748352&dcm_gid=609958806.1674748352&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302&cb=1674748352952728&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1674748353727
35.81.173.170200 OK 1.4 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-9393434-7&ga_client_id=1818172800.1674748352&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221818172800.1674748352%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%221818172800.1674748352%22%2C%22dcm_gid%22%3A%22609958806.1674748352%22%2C%22mntnis%22%3A%22h%2FzzlTRDPneHmULhJrFqQafhQitxncpY%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1818172800.1674748352&dcm_gid=609958806.1674748352&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302&cb=1674748352952728&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1674748353727
IP 35.81.173.170:0
File type ASCII text, with very long lines (5437), with no line terminators
Hash a32d6f849b10f577c9228710aa2ba451
5f9c33c8127ec668d71f5edf0acfb013e2b9570f
55a1d1a15ef14b08664d4fd7afe93521edf105b6c57a55c3c43a5f00d4b5ca7f
GET /st?ga_tracking_id=UA-9393434-7&ga_client_id=1818172800.1674748352&shpt=Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-9393434-7%22%2C%22ga_client_id%22%3A%221818172800.1674748352%22%2C%22shpt%22%3A%22Thank%20you%20HENRY!%20-%20Orgain%20-%20Checkout%22%2C%22dcm_cid%22%3A%221818172800.1674748352%22%2C%22dcm_gid%22%3A%22609958806.1674748352%22%2C%22mntnis%22%3A%22h%2FzzlTRDPneHmULhJrFqQafhQitxncpY%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1818172800.1674748352&dcm_gid=609958806.1674748352&dxver=4.0.0&shaid=32440&plh=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&shadditional=googletagmanager%3Dtrue%2Cshopify%3Dtrue%2Csh_conversion%3DSHBLOCK%2C%5Bobject%20Object%5D&shoamt=65.97999999999999&shoid=687302&cb=1674748352952728&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1674748353727 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Cookie: guid=7229e3e2-9d91-11ed-9cbc-8d0fc7313cca
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Thu, 26 Jan 2023 15:52:34 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWMjYyMTGIN7IwtlCyMjQzNzE3sTA2NTExNNZR8guKh8qaWxorWRnoKJUpWRkhi4N1GdQCAMl7VP9GAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzI0NDA6MTY3NDc0ODM1NA==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=7229e3e2-9d91-11ed-9cbc-8d0fc7313cca;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 13
server: istio-envoy
connection: close
transfer-encoding: chunked
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=7229e3e2-9d91-11ed-9cbc-8d0fc7313cca&gdpr=&gdpr_consent=
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=7229e3e2-9d91-11ed-9cbc-8d0fc7313cca&gdpr=&gdpr_consent=
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=7229e3e2-9d91-11ed-9cbc-8d0fc7313cca&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:34 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
insight.adsrvr.org/track/evnt/?adv=l3zht92&ct=0:3gzcjka&fmt=3
15.197.193.217200 OK 393 B URL HTTP/2 insight.adsrvr.org/track/evnt/?adv=l3zht92&ct=0:3gzcjka&fmt=3
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9044150d1d281ebc1855570a1d026edf
fe13db74703bca885ef3abd39bd245bd997d19dc
5a0d176e52d636fb8312b9e87cb752c1d55712a0bbfeacf63fc33020381ca38b
GET /track/evnt/?adv=l3zht92&ct=0:3gzcjka&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:34 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 1.9 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f862706c14c244d45cd834245802d34
17a8f1776f1d4ee336942de7c98a467ff4dc786b
1ac196110e740f16ae6045d6f87a23dbbdb9ccbbf4d9a4b5013e0d76f47c02fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C438D1B17806549B74E03FFF91D1851C1B59D4CAE10EB1E0D4357CDE5E57EC40"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10434
Expires: Thu, 26 Jan 2023 18:46:28 GMT
Date: Thu, 26 Jan 2023 15:52:34 GMT
Connection: keep-alive
static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com
151.101.130.133200 OK 1.0 kB URL HTTP/2 static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com
IP 151.101.130.133:0
File type ASCII text, with very long lines (2904)
Hash 4489ec9aa23b889356d7dc68d6b4d76a
aea7a66c9fd3b32c669fffc918a1e887c9d2b85f
e95d27debfc99261716ea06c50ead04e8bf54d69fd05c262d1086de04ff66751
GET /onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers:
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
allow: OPTIONS, GET
cache-control: max-age=1, stale-while-revalidate=10800
content-encoding: gzip
content-type: application/javascript
etag: W/"86e99737a656430798f02ce3465d8e0d"
server: nginx
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 26 Jan 2023 15:52:34 GMT
age: 3313
x-served-by: cache-lga13625-LGA, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1674748355.909520,VS0,VE1
vary: Accept-Encoding
x-resp-is-stale: true
content-length: 1037
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/CNNkrGp2ZqY
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/CNNkrGp2ZqY
IP 216.58.211.3:0
Hash d6c4812e28a347fc7cbd68fb64974824
2d576bb928e947f43acee22b9573426f446b2540
b9cb6c4c0fee4dd206f787604a8fe456e39e1782d06e59ff658f0f08663edeb2
POST /s/gts1d4/CNNkrGp2ZqY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0bf320bbd938180a46d7ab09577dec0b
b3d54bc209df4f6a54f7f273bd2129f65a8755df
d16bd6b64dabae920481a19f82e9493c6a677420086e6f2ce92a3d8150f1a344
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D16BD6B64DABAE920481A19F82E9493C6A677420086E6F2CE92A3D8150F1A344"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2263
Expires: Thu, 26 Jan 2023 16:30:17 GMT
Date: Thu, 26 Jan 2023 15:52:34 GMT
Connection: keep-alive
widgets.automizely.com/aftership/tracking_page.js?tracking_page_id=8a5be55175714b03a7e473d76d88d922&shop=drink-orgain.myshopify.com
104.19.169.102200 OK 113 kB URL HTTP/2 widgets.automizely.com/aftership/tracking_page.js?tracking_page_id=8a5be55175714b03a7e473d76d88d922&shop=drink-orgain.myshopify.com
IP 104.19.169.102:0
Size 113 kB (113208 bytes)
Hash 8ca9e229f6646cb3313d85f64b22519a
2f501789fac52a35e3eed00695756955878d2a02
2031a1b57f92a75bdf2a0b802d12cd83bcbd23d80ef1763bbf6984a2a6016b25
GET /aftership/tracking_page.js?tracking_page_id=8a5be55175714b03a7e473d76d88d922&shop=drink-orgain.myshopify.com HTTP/1.1
Host: widgets.automizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:34 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: hHZwt2NvUg38FIhTVMA1y2SjyBEiHcONrNBq2FOmOXW6eETUQCfVMcZ8QxUCej5dAh4NWD6edtM=
x-amz-request-id: 8MQJY6NZF6CSP0M3
x-amz-meta-x-frame-options: deny
last-modified: Fri, 30 Dec 2022 08:03:10 GMT
etag: W/"6b5ee600d2b0385cffe59f410b014590"
cf-cache-status: HIT
age: 892
expires: Thu, 26 Jan 2023 19:52:34 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78fa6aa17a10b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com
151.101.130.133304 Not Modified 0 B URL HTTP/2 static.klaviyo.com/onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com
IP 151.101.130.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /onsite/js/klaviyo.js?company_id=JAEB4q&shop=drink-orgain.myshopify.com HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: W/"86e99737a656430798f02ce3465d8e0d"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 26 Jan 2023 15:52:34 GMT
via: 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
etag: W/"86e99737a656430798f02ce3465d8e0d"
age: 3313
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1674748355.952409,VS0,VE0
vary: Accept-Encoding
x-resp-is-stale: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d9eb8b53b2b4e30ebbe174d8466de12
e7a05b6383547916644e71cd1096538ac6a9f337
22421859280fe38602e210f9188f3f6f27d714ef0529a973aae210edf866977e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2219
Cache-Control: max-age=169412
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:34 GMT
Etag: "63d28bdb-117"
Expires: Sat, 28 Jan 2023 14:56:06 GMT
Last-Modified: Thu, 26 Jan 2023 14:19:07 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
static.klaviyo.com/onsite/js/runtime.81f6cc401344ed6c92c2.js?cb=1
151.101.130.133200 OK 8.1 kB URL HTTP/2 static.klaviyo.com/onsite/js/runtime.81f6cc401344ed6c92c2.js?cb=1
IP 151.101.130.133:0
File type ASCII text, with very long lines (19473), with no line terminators
Hash 674356d5e38bd70278300a937855cb81
cd439fbfd5d1ecbf5362d3e130f9312885fd5583
404c57fa7e3d4e7f64126a89848ede3878116e624f76fd283085bcf081186d83
GET /onsite/js/runtime.81f6cc401344ed6c92c2.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ZHoe1JKI1Rph3iOf4IQhZp16xxgfZaMMfW8KEIP2txI5AOHYJ6NfXRv/lkoA3cPNyKoaq1CVWPw=
x-amz-request-id: V04X7QK3GHYB10N1
last-modified: Tue, 24 Jan 2023 18:51:15 GMT
etag: "b48a12053d908bc286759bb17690a56b"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: mm.IBp1r3HZuPGxv_asbIgsC7t4Otydh
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 26 Jan 2023 15:52:34 GMT
age: 981
x-served-by: cache-lga21938-LGA, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 633
vary: Accept-Encoding
content-length: 8050
X-Firefox-Spdy: h2
cdn.tapcart.com/mobile-download-banner/banner-min.js?marketingCopy=Checkout+our+new+app!&ctaEvent=get&title=Orgain&androidLive=true&iosLive=true&appStoreId=1595210153&playStoreId=co.tapcart.app.id_nMi4AFA1hH&shop=drink-orgain.myshopify.com
35.227.237.110200 OK 4.0 kB URL HTTP/2 cdn.tapcart.com/mobile-download-banner/banner-min.js?marketingCopy=Checkout+our+new+app!&ctaEvent=get&title=Orgain&androidLive=true&iosLive=true&appStoreId=1595210153&playStoreId=co.tapcart.app.id_nMi4AFA1hH&shop=drink-orgain.myshopify.com
IP 35.227.237.110:0
File type HTML document, ASCII text, with very long lines (10607)
Hash ea841c153d565985907f8d12822ce9f8
3e706b8dabfb579ca2151302f36a81f8c4c44d8e
ccce95900f9a1063e2ed21831da10a77a3008629d4c7caa66f6b0b18a80f568d
GET /mobile-download-banner/banner-min.js?marketingCopy=Checkout+our+new+app!&ctaEvent=get&title=Orgain&androidLive=true&iosLive=true&appStoreId=1595210153&playStoreId=co.tapcart.app.id_nMi4AFA1hH&shop=drink-orgain.myshopify.com HTTP/1.1
Host: cdn.tapcart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsQPQ3UOkwdZ7_bDVVPzEg2nszcb5G7TJcNLSTFwsOKN20eBd8c2tA7aNdlwORCPV3jUFr0b-bClNuj0_BztBIbPNp-cW2s
vary: Accept-Encoding
x-goog-generation: 1601069883388603
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3994
content-encoding: gzip
x-goog-hash: crc32c=BxpSOw==, md5=6oQcFT1WWYWQf40Sgizp+A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3994
server: UploadServer
date: Tue, 24 Jan 2023 00:47:16 GMT
expires: Wed, 24 Jan 2024 00:47:16 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 25 Sep 2020 21:38:03 GMT
etag: "ea841c153d565985907f8d12822ce9f8"
content-type: application/javascript
age: 227118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
intg.snapchat.com/shopify/shopify-scevent-init.js?id=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&shop=drink-orgain.myshopify.com
54.230.111.64200 OK 18 kB URL HTTP/2 intg.snapchat.com/shopify/shopify-scevent-init.js?id=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&shop=drink-orgain.myshopify.com
IP 54.230.111.64:0
File type Unicode text, UTF-8 text, with very long lines (46812), with no line terminators
Hash c7bac0a08ac6d96fa2d28959579e5c47
e2bfd450c9a65efbb3713637668a375107a502ba
84327f9b39d54bebb8af1d83556bfa4778049d36672de6bcadd4f2616480ed77
GET /shopify/shopify-scevent-init.js?id=18ab9ee3-5df9-4c59-91b0-f8899457ea4b&shop=drink-orgain.myshopify.com HTTP/1.1
Host: intg.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 26 Jan 2023 08:30:12 GMT
last-modified: Fri, 15 Jul 2022 18:48:06 GMT
etag: W/"a65742ae31227369fe79296540c138fb"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: snAZOPsGIpHB8iNspVGf7-0GL4Y9Ovb6zK47XwHCJlcEo7s_kM5QLg==
age: 26543
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/vendors~signup_forms.a31dd14a1ce62f91235b.js?cb=1
151.101.130.133200 OK 12 kB URL HTTP/2 static.klaviyo.com/onsite/js/vendors~signup_forms.a31dd14a1ce62f91235b.js?cb=1
IP 151.101.130.133:0
File type ASCII text, with very long lines (36946)
Hash 85bd273072cb0dd22e5e638154e61527
a4e269d1594e4a29e19290f0f172cb1b1a082df4
58cd1b7f523caa43b29f0fa6d904d3c82491d4829575791ae47ed678a92efe57
GET /onsite/js/vendors~signup_forms.a31dd14a1ce62f91235b.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: NenJFBdxfWBWOrE+S1hV2t+qSUo248+eqJkZ7PVIJJ3qO0AWiZoCcLd2/S6IpamlQVrMKAwIbJs=
x-amz-request-id: A9KBBNMK73VM94KF
last-modified: Wed, 11 Jan 2023 17:07:33 GMT
etag: "14d5f5d749c7e30f46242493ff3f2893"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: rBkyHbrwP63IrT54R3TKQ6FrEMZmQNDN
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 26 Jan 2023 15:52:34 GMT
age: 982
x-served-by: cache-lga21935-LGA, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 397
vary: Accept-Encoding
content-length: 12427
X-Firefox-Spdy: h2
static.klaviyo.com/onsite/js/signup_forms.e4023c6f8e62b93d2fc6.js?cb=1
151.101.130.133200 OK 11 kB URL HTTP/2 static.klaviyo.com/onsite/js/signup_forms.e4023c6f8e62b93d2fc6.js?cb=1
IP 151.101.130.133:0
File type Unicode text, UTF-8 text, with very long lines (34072), with no line terminators
Hash 607fe0468230d3bfaa3a62a926b3320f
4be8c81365ebeee01c3ba704d53f5cfeec8779eb
1a3ea4144fffec497f1219534e845da9db9b89b43439432874b26af2ba332367
GET /onsite/js/signup_forms.e4023c6f8e62b93d2fc6.js?cb=1 HTTP/1.1
Host: static.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: jw+dBUh2+9ZK5qTQrVgGVAnBsm7XVumSn0rubCjlB9LrhdyBRoBfDgKpFu63cGUYt42Rjnmo/8A=
x-amz-request-id: V04WY01XTAWVPYMD
last-modified: Tue, 24 Jan 2023 18:51:15 GMT
etag: "5cdc6d282041cb41c958e7b444513477"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: ttpFO4iWwdS_2rfLn9rvfZP1dcN.knlf
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 26 Jan 2023 15:52:35 GMT
age: 982
x-served-by: cache-lga13621-LGA, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 446
vary: Accept-Encoding
content-length: 11352
X-Firefox-Spdy: h2
static-tracking.klaviyo.com/onsite/js/static.aa7cf055e48f28bbd282.js?cb=1
151.101.130.133200 OK 5.3 kB URL HTTP/2 static-tracking.klaviyo.com/onsite/js/static.aa7cf055e48f28bbd282.js?cb=1
IP 151.101.130.133:0
File type ASCII text, with very long lines (12659), with no line terminators
Hash 1e5719bef9a29c3e7287ac08b5e2b2ef
d129764a0061300a471cb30380f111c7fc0b7af1
6ee1100c614754007ec9d1b3a313367d1851a0ba18bcfff63e62a49ec5bad9cd
GET /onsite/js/static.aa7cf055e48f28bbd282.js?cb=1 HTTP/1.1
Host: static-tracking.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KnNSjGvhnyY9GXLzqrCH6+xKs4IkYpc6LQLGufO+AIXqk2X+Z5fZTQdUadmoApY4+8OVXpCI8NNQDBICBZizqg==
x-amz-request-id: V04VTKJYF01KKH9E
last-modified: Tue, 24 Jan 2023 18:51:15 GMT
etag: "bdc532ee042e650b2a4d06cfc862f93c"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: 4zv8jtgnhp0NWMPbxgpvocWDELtx98tW
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 26 Jan 2023 15:52:35 GMT
age: 3317
x-served-by: cache-lga21962-LGA, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 662
vary: Accept-Encoding
content-length: 5320
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash be1bdec777fe2c4fc214e74e1634485d
852100a0e9991aa4d04db9a439cc634c6de9729d
0dd3c705e0a71fc79a6573bd831ca9933f5e45bee17ce3d2f94628f29313e627
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5364
Cache-Control: max-age=86152
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:35 GMT
Etag: "63d13a58-118"
Expires: Fri, 27 Jan 2023 15:48:27 GMT
Last-Modified: Wed, 25 Jan 2023 14:19:04 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/s/gts1d4/CNNkrGp2ZqY
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/CNNkrGp2ZqY
IP 216.58.211.3:0
Hash d6c4812e28a347fc7cbd68fb64974824
2d576bb928e947f43acee22b9573426f446b2540
b9cb6c4c0fee4dd206f787604a8fe456e39e1782d06e59ff658f0f08663edeb2
POST /s/gts1d4/CNNkrGp2ZqY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static-tracking.klaviyo.com/onsite/js/fender_analytics.7d9ea490a2bcf6e5fa8b.js?cb=1
151.101.130.133200 OK 11 kB URL HTTP/2 static-tracking.klaviyo.com/onsite/js/fender_analytics.7d9ea490a2bcf6e5fa8b.js?cb=1
IP 151.101.130.133:0
File type ASCII text, with very long lines (27750), with no line terminators
Hash 4130f27ac8ffe6d8372b514b42281df3
84e6672d7ac2f7aa25f3dcb4e1cd63c85fd833a4
cb7d951f9bacc656f2cdf7bb08868d653fa2450df11c1a2f65ca8f4982ee24f9
GET /onsite/js/fender_analytics.7d9ea490a2bcf6e5fa8b.js?cb=1 HTTP/1.1
Host: static-tracking.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Ok1pIBKKenTajb2ZnvpqLw9m6LGN/bbVrbskFadwZmoLN85EBCiXhJYlfXu4FiFZddQCuKdTm4k=
x-amz-request-id: V04XGMKFZMFWPPN7
last-modified: Tue, 24 Jan 2023 18:51:15 GMT
etag: "741d6862910c2aa5664c150b294f6e12"
cache-control: max-age=2592000,stale-while-revalidate=10800
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
x-amz-version-id: KrrTOk0oYJRzUIk3dg9jfBxuiktosyCx
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
accept-ranges: bytes
date: Thu, 26 Jan 2023 15:52:35 GMT
age: 3317
x-served-by: cache-lga21943-LGA, cache-bma1663-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 657
vary: Accept-Encoding
content-length: 10696
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0bf320bbd938180a46d7ab09577dec0b
b3d54bc209df4f6a54f7f273bd2129f65a8755df
d16bd6b64dabae920481a19f82e9493c6a677420086e6f2ce92a3d8150f1a344
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D16BD6B64DABAE920481A19F82E9493C6A677420086E6F2CE92A3D8150F1A344"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2262
Expires: Thu, 26 Jan 2023 16:30:17 GMT
Date: Thu, 26 Jan 2023 15:52:35 GMT
Connection: keep-alive
cdn-scripts.signifyd.com/shopify/script-tag.js?shop=drink-orgain.myshopify.com
54.230.111.24200 OK 3.0 kB URL HTTP/2 cdn-scripts.signifyd.com/shopify/script-tag.js?shop=drink-orgain.myshopify.com
IP 54.230.111.24:0
File type ASCII text, with very long lines (3004), with no line terminators
Hash 1ebadac4613cd33aeac40fcdc723646d
e72aea3a791378fdf4e0acf5b9e4828512482d71
28007761338c1e98e5b151031b85fdea6624c9218c8d8503967f312867d7972a
GET /shopify/script-tag.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: cdn-scripts.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 3004
date: Thu, 26 Jan 2023 15:52:35 GMT
cache-control: public, max-age=1800
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p2Jg3k8Tak2OPeXVKbgKvDkefRmo8zC9Edir6FMFBPun-QNs3W4Lvg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2b61ee2d59bda8c3fa2c7123693ecf0e
4d1e54340fc64db92b7f24dac97e921dc30dfdf1
bdabbf6e39da78fafbbbcf4829c9620a95fea1d65ea9136f6eae3834079d9e36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3204
Cache-Control: max-age=119239
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:35 GMT
Etag: "63d1c406-117"
Expires: Sat, 28 Jan 2023 00:59:54 GMT
Last-Modified: Thu, 26 Jan 2023 00:06:30 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 95a851cb7897be7588680f9395096ea1
6d9062bb7e9066d358e530a4f7addb751c908c3c
12d5c27fe4e3e1c360566493cf9388dab844f21745fc3acd8d86d00e88dbaa9d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12D5C27FE4E3E1C360566493CF9388DAB844F21745FC3ACD8D86D00E88DBAA9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6810
Expires: Thu, 26 Jan 2023 17:46:05 GMT
Date: Thu, 26 Jan 2023 15:52:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 117e00b1f680e1b7e876c6947dfebaf5
235dbb2df2acbc59a3d2fd028ff247d6ddbc0644
c438d1b17806549b74e03fff91d1851c1b59d4cae10eb1e0d4357cde5e57ec40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C438D1B17806549B74E03FFF91D1851C1B59D4CAE10EB1E0D4357CDE5E57EC40"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10433
Expires: Thu, 26 Jan 2023 18:46:28 GMT
Date: Thu, 26 Jan 2023 15:52:35 GMT
Connection: keep-alive
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=JAEB4q
151.101.194.133200 OK 710 B URL HTTP/2 fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=JAEB4q
IP 151.101.194.133:0
File type JSON data\012- , ASCII text, with very long lines (710), with no line terminators
Hash 96c15cde38a98734a2aa2f4d411e1f6c
ce486732241fe96c55c1a6bf5580510e4056277e
a2e2869b9247092995cbe2f36fa1ca54c431828c15caa5c094a05ec01ff983ed
GET /custom-fonts/api/v1/company-fonts/onsite?company_id=JAEB4q HTTP/1.1
Host: fast.a.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers:
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, HEAD, OPTIONS
cache-control: max-age=10
content-type: application/json; charset=utf-8
server: nginx
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 26 Jan 2023 15:52:35 GMT
age: 59449
x-served-by: cache-bos4635-BOS, cache-bma1660-BMA
x-cache: HIT, HIT
x-cache-hits: 179, 1
vary: Cookie
strict-transport-security: max-age=900
content-length: 710
X-Firefox-Spdy: h2
static-forms.klaviyo.com/forms/api/v6/JAEB4q/full-forms
151.101.66.133200 OK 13 kB URL HTTP/2 static-forms.klaviyo.com/forms/api/v6/JAEB4q/full-forms
IP 151.101.66.133:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 31aff58e492b4e70f75564507fc34ae5
2f625abd13518d1ca1694ef4900512501b3b4f54
cb2100c7017e53a5c3c7dcba83f1326dd3c75aa9510a7c20e384dacf179aed0f
GET /forms/api/v6/JAEB4q/full-forms HTTP/1.1
Host: static-forms.klaviyo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HLQYa4PzMkBPypUA/skBmZpRj6sYtiuer0HrCr5quQWWnyQzXglZJKBN1T1c05lfHZtmpYmCxvs=
x-amz-request-id: Z8T1CQD97HGJZJZ2
last-modified: Wed, 18 Jan 2023 22:18:40 GMT
etag: "15361b004350f67f55cc415d07d83407"
cache-control: max-age=5
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/JAEB4q custom-fonts/JAEB4q
x-amz-version-id: x64E.067bD2JEx8GfhH5E2eJk5egkOJY
content-type: application/json
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Thu, 26 Jan 2023 15:52:35 GMT
via: 1.1 varnish
age: 26671
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674748355.248393,VS0,VE1
vary: Accept-Encoding
client-geo-continent: EU
client-geo-country: NO
access-control-expose-headers: client-geo-continent, client-geo-country
access-control-allow-origin: *
content-length: 12858
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 42fa2c73f4f37bad1cd566c0970e57d0
7eb69e7ffedb6eb4c4df93fefcc0ee41452fa3fa
b7ff85bfdc13692ca36b11dfe6ebf4eb64e4cb2a6b862d0d37c567f50df69387
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2550
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:35 GMT
Etag: "63d24429-117"
Last-Modified: Thu, 26 Jan 2023 15:10:05 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 279
shopper.shop.pe/input.js
35.190.54.17200 OK 8.9 kB IP 35.190.54.17:0
File type ASCII text, with very long lines (17023)
Hash 277671bdc75ca43b2c48464d6ab4278f
fa3f6cfe3a34a0586917b256c7d5b8f9b4c1a205
cb280dde0bd7b5868891421254e239ef63551cc351cb246a68e9bc69bd4e0e8e
GET /input.js HTTP/1.1
Host: shopper.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduIL01pxOlG3E6jajQ-jPdg5jXx3GtK8fPTioOBC-dNbdqcWW3R8NdEzzOxP8ZmyXOukqD9Lv6qVlZ5mypGPyox
vary: Accept-Encoding
x-goog-generation: 1667301507739079
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 8877
content-encoding: gzip
x-goog-hash: crc32c=d2ag2w==, md5=J3ZxvcdcpDssSEZNarQnjw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 8877
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
server: UploadServer
date: Thu, 26 Jan 2023 13:08:33 GMT
expires: Thu, 26 Jan 2023 17:08:33 GMT
cache-control: public, max-age=14400
age: 9842
last-modified: Tue, 01 Nov 2022 11:18:27 GMT
etag: "277671bdc75ca43b2c48464d6ab4278f"
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
scripttags.jst.ai/shopify_justuno_7408320621_d98ccd30-e178-11ea-aee1-9d341c2767db.js?shop=drink-orgain.myshopify.com
104.17.202.53200 OK 272 B URL HTTP/2 scripttags.jst.ai/shopify_justuno_7408320621_d98ccd30-e178-11ea-aee1-9d341c2767db.js?shop=drink-orgain.myshopify.com
IP 104.17.202.53:0
File type ASCII text, with very long lines (405), with no line terminators
Hash 789e860d75e05105352c44182eac6911
5646c6494204ec84f2ab24ce572b329942bd87e8
7a5b90cb80b9dcbe3b64ad42425f70e578631780f21fee4a7f1a3672bc11935b
GET /shopify_justuno_7408320621_d98ccd30-e178-11ea-aee1-9d341c2767db.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: scripttags.jst.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:34 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=411
etag: W/"af7993c2ff57b7b07fbeafbaae56fa81"
last-modified: Tue, 18 Aug 2020 17:32:56 GMT
x-77-cache: HIT
x-77-nzt: AblMCRSIA2b//FUMAA
x-77-nzt-ray: af58563002f291730fd4bf63d3121c14
x-77-pop: stockholmSE
x-age: 808444
x-cache: HIT
x-amz-id-2: gVrEH9OQA41WSGTzVndmBHz9llDC0fqyPC/W4Ahei2iNB2ese8fVfMEsvz6zkLCNWn2930f5DsA=
x-amz-request-id: YGX77S50VP08CQMN
cf-cache-status: HIT
age: 891
expires: Fri, 03 Feb 2023 15:52:34 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fa6aa17acf1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2b61ee2d59bda8c3fa2c7123693ecf0e
4d1e54340fc64db92b7f24dac97e921dc30dfdf1
bdabbf6e39da78fafbbbcf4829c9620a95fea1d65ea9136f6eae3834079d9e36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3204
Cache-Control: max-age=119239
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 15:52:35 GMT
Etag: "63d1c406-117"
Expires: Sat, 28 Jan 2023 00:59:54 GMT
Last-Modified: Thu, 26 Jan 2023 00:06:30 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 9df43b4af88866790b4742d329dd1b01
1f54f73e87eb3168b8d2fc459e38a3568c8c0124
b8d810009a78ae48828817d8d976260ae44ec7c6074c4fd87c2dde136169fdff
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 26 Jan 2023 15:52:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 25 Jan 2023 21:44:42 GMT
Expires: Thu, 26 Jan 2023 21:44:42 GMT
ETag: "1f54f73e87eb3168b8d2fc459e38a3568c8c0124"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
searchanise-ef84.kxcdn.com/preload_data.8c4z7q4s3y.js
82.102.27.18200 OK 9.4 kB URL HTTP/2 searchanise-ef84.kxcdn.com/preload_data.8c4z7q4s3y.js
IP 82.102.27.18:0
File type Unicode text, UTF-8 text, with very long lines (45275), with no line terminators
Hash ced9c98e786b4903ba3c4bcaf7d6e72a
6668f2d67c8602d5930ee0633c7b9829c20a1351
b96e59a0780f3b33e0e7cc3d66ec9c2e8ced3fe26714dc43e3cc3ebb6f038129
GET /preload_data.8c4z7q4s3y.js HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 9354
x-amz-id-2: e/xe6x0m3b6fBevWmvXqoLwSa2pbbScaWNnOdVUJdgdFnJvHD5OIPDoqRJSMTyJTcANM2Ts+1yU=
x-amz-request-id: 4WP51RNV2DPZSMVV
last-modified: Thu, 26 Jan 2023 05:37:33 GMT
etag: "ced9c98e786b4903ba3c4bcaf7d6e72a"
cache-control: public, max-age=86400
content-encoding: gzip
expires: Fri, 27 Jan 2023 05:37:32 GMT
x-amz-version-id: 262IQUiMNRhW2bE5n8CZVgs24uX.SN7f
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash ad6abfe3de03c5f959ce73c61f8099fb
6736a0383474a557c99d95f28af8d4df3b375597
c938d5f5cf6387b70b55f74a0939755e570cccc5c6cec74cb46362572f81ff3f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 15:52:35 GMT
Last-Modified: Thu, 26 Jan 2023 15:04:22 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jAMTzb1TVvbw_SPZL1VrAEGxdr-tiQZtlttdwUv_ACFJaqc5mynMxg==
Age: 2893
searchanise-ef84.kxcdn.com/templates.8c4z7q4s3y.js
82.102.27.18200 OK 1.7 kB URL HTTP/2 searchanise-ef84.kxcdn.com/templates.8c4z7q4s3y.js
IP 82.102.27.18:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (6697), with no line terminators
Hash 770b68ce2dc99217e36d43aa8829fecb
014b0a328362610191007bc6ba837e09bfff4651
3fb3855d9647b866bd352a40fc1e7f1b7a324c37fcb936ce2a40dcc556532f35
GET /templates.8c4z7q4s3y.js HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 1680
x-amz-id-2: khru2PlB67ZOvpWx5jC22MS4ZG+x2+I4xWtQc2IQQlacbzctlWGmnrgTM1LLx+dvUh4s/cCmqaw=
x-amz-request-id: NTJW3J8TFX8T8M4B
last-modified: Wed, 18 Jan 2023 22:25:38 GMT
etag: "770b68ce2dc99217e36d43aa8829fecb"
cache-control: public, no-cache
content-encoding: gzip
expires: Wed, 18 Jan 2023 22:25:37 GMT
x-amz-version-id: 9SDgVQBDTjM2aUuz5EyT1NR6CY0TbX02
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/tags.js?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&pageid=2
91.235.133.113200 OK 12 kB URL HTTP/1.1 imgs.signifyd.com/fp/tags.js?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&pageid=2
IP 91.235.133.113:0
File type ASCII text, with very long lines (15506)
Hash 97fa030c5d8e5ef4f192b109ef8b6a46
04e45aadf84d02988313256617113df6ed715057
6bb6e707f1d8c96d65a95513d4bfa5f80d867e477f395b867bc33ced3ed532c1
GET /fp/tags.js?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&pageid=2 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:52:35 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: thx_guid=fc4456433d22f4df1679accef07923c1; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure; SameSite=None;
P3P: CP=IVAa PSAa
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.0.min.js
152.199.19.160200 OK 31 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.0.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (65447)
Hash 9b0df0e2d00cb47a92ca0bb8a626a5ca
703ad8039c14079293957cdedacf800e9dab324b
5fc24a6ac6859491a9379b4aaa34017a02599e16cdb47a190993909a62be9dde
GET /ajax/jQuery/jquery-3.6.0.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 16731683
cache-control: public,max-age=31536000
content-type: application/javascript
date: Thu, 26 Jan 2023 15:52:35 GMT
etag: "803056b57d10d71:0"
last-modified: Wed, 03 Mar 2021 22:36:53 GMT
server: ECAcc (ska/F6B4)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30982
X-Firefox-Spdy: h2
searchanise-ef84.kxcdn.com/items_modern.39268.css
82.102.27.18200 OK 5.3 kB URL HTTP/2 searchanise-ef84.kxcdn.com/items_modern.39268.css
IP 82.102.27.18:0
File type Unicode text, UTF-8 text, with very long lines (19323)
Hash c635789bf9f87204bb46737ac1e2287b
33c5e15194fc632f769525c256db9a8acaec7555
a35b7164144839746b028898510550f9fd777b42b6ccb26f44359af59ad803cd
GET /items_modern.39268.css HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: text/css
content-length: 5263
x-amz-id-2: lhS33TZQh3hvJVPngN54s12brekszpjYNoXOmrXIBTyZeinUVszYtZ7IAo/VNx7NZwhly6MIJvQxfWEdDQ2bcQ==
x-amz-request-id: BN8YC3W56BC8KAN3
last-modified: Tue, 24 Jan 2023 12:01:17 GMT
etag: "c635789bf9f87204bb46737ac1e2287b"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: 4uUrlP_n.qgMgtn82Qdla79HxezQNThd
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
searchanise-ef84.kxcdn.com/results_big_pictures_new.39268.css
82.102.27.18200 OK 11 kB URL HTTP/2 searchanise-ef84.kxcdn.com/results_big_pictures_new.39268.css
IP 82.102.27.18:0
File type Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Hash 80e6eded7d05ac53ba809e70a883179e
a56d38e5b912016e313deae2aba839aef11ba4fe
cffaed344a0bcff6eee249b527d22372b5799bcc7ad9789741751a67dcc781c1
GET /results_big_pictures_new.39268.css HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: text/css
content-length: 11413
x-amz-id-2: cnBN07dg0FjdkbLqs5Wd/WcYYiY87qj06ZK8h0t6dVCYz5pHzDNGjC05NOFdc3Fec5c6G4h5NBI=
x-amz-request-id: B4SN9ZPJQGXEBZ2E
last-modified: Tue, 24 Jan 2023 12:01:21 GMT
etag: "80e6eded7d05ac53ba809e70a883179e"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: qgFwZeYxcwyJF7RGJLjSsAuoTLmjRyl1
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
searchanise-ef84.kxcdn.com/recommendation.39268.css
82.102.27.18200 OK 4.5 kB URL HTTP/2 searchanise-ef84.kxcdn.com/recommendation.39268.css
IP 82.102.27.18:0
File type Unicode text, UTF-8 text, with very long lines (30725)
Hash f2f0c0be9c18246c35b8f062b067330b
f07be01f1f7a0ac2a15e6a633441a12f23a4afd0
dcf259a989dcc5dcec61c18ae7ed82e486f40b0c71df33842c621e459ab1ebe0
GET /recommendation.39268.css HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: text/css
content-length: 4517
x-amz-id-2: e2NZdkH9uYHJ/xerRygbSKPlP4eKzA01zaqR+QIUzqHszbmp0Ea3XIvhTYf5V+ohx0bZD60r6Fc=
x-amz-request-id: 1HY5QJBG0FQ2C52N
last-modified: Tue, 24 Jan 2023 12:01:16 GMT
etag: "f2f0c0be9c18246c35b8f062b067330b"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: sOhBt7i31bLKUo84LsGESCNKdt3knlhd
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
addshoppers.s3.amazonaws.com/6177068293f3c3408b6854a9/61781d8ac828c943432f290b/A.js?_t=1636144301
52.217.142.241200 OK 4.4 kB URL HTTP/1.1 addshoppers.s3.amazonaws.com/6177068293f3c3408b6854a9/61781d8ac828c943432f290b/A.js?_t=1636144301
IP 52.217.142.241:0
File type ASCII text, with very long lines (17376), with no line terminators
Hash 0bae611b12a8647d527e1cae062ef1de
87c7daf655d96df6f4e166d7f1046febb83fa0ee
ff6df20364db5d2ca68f93910231e319bef2a5c6c5d1d717835df3b81669eb43
GET /6177068293f3c3408b6854a9/61781d8ac828c943432f290b/A.js?_t=1636144301 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: kdqPFjNZK1pxzCjGMCYSF6hbklT4eXqKzhmQu0HxfGWerkB76dzRWSkYi3MTn88fP5wqY8sxqHQ=
x-amz-request-id: BS79RHWF5FQ6XZ24
Date: Thu, 26 Jan 2023 15:52:36 GMT
Last-Modified: Fri, 05 Nov 2021 20:31:42 GMT
ETag: "0bae611b12a8647d527e1cae062ef1de"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: OMUfbyW2HM90knNnHstzkw0ZSAWAKMZO
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 4416
addshoppers.s3.amazonaws.com/customize/6177068293f3c3408b6854a9/eace640e4e694345a827e7bf3bef00f0.js?_t=1636144298
52.217.142.241200 OK 414 B URL HTTP/1.1 addshoppers.s3.amazonaws.com/customize/6177068293f3c3408b6854a9/eace640e4e694345a827e7bf3bef00f0.js?_t=1636144298
IP 52.217.142.241:0
File type ASCII text, with very long lines (999), with no line terminators
Hash 8bfd24dfc7330a468ffd6b76e4c7bf8d
d9de9c37d58be52e6927e9b92d2d0ee69402bd9f
b4511b32d398fc185c70b9021439bae79262be92ed945689bce9f58ba3737577
GET /customize/6177068293f3c3408b6854a9/eace640e4e694345a827e7bf3bef00f0.js?_t=1636144298 HTTP/1.1
Host: addshoppers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: T4RjAA04aNxwQQ3/YFO3J0cB6yJu4tx0kYyAYJytbpEuTXfmzdcerZtqvinQOoPxDg4VYtKuI/s=
x-amz-request-id: BS76DSKT7W7Q07D0
Date: Thu, 26 Jan 2023 15:52:36 GMT
Last-Modified: Fri, 05 Nov 2021 20:31:39 GMT
ETag: "8bfd24dfc7330a468ffd6b76e4c7bf8d"
Cache-Control: max-age=2592000, public
Content-Encoding: gzip
x-amz-version-id: TEGmzKJ32uRmGiztMVE0LzsqKOgGwv_k
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Content-Length: 414
searchanise-ef84.kxcdn.com/widgets.39268.min.js
82.102.27.18200 OK 40 kB URL HTTP/2 searchanise-ef84.kxcdn.com/widgets.39268.min.js
IP 82.102.27.18:0
File type Unicode text, UTF-8 text, with very long lines (65492), with no line terminators
Hash dec987fee524844718259d938307f710
3ba5df26e7ea49b94fd16bc1effe872e36b1f7c9
0060be365be51b365975abc42f3ef2ffe7f0d8d716bcb05d1ba36fc4948181e0
GET /widgets.39268.min.js HTTP/1.1
Host: searchanise-ef84.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 39963
x-amz-id-2: x+DxeUptraKnGvw16iaOdEaxve95BpKIVZMPlSioWibR5d5sC2g3xtbg5jNgHkK0fKibzD9nVtg=
x-amz-request-id: 1HY0GD0T5RFFSPZT
last-modified: Tue, 24 Jan 2023 12:01:14 GMT
etag: "dec987fee524844718259d938307f710"
cache-control: public, max-age=315360000
content-encoding: gzip
expires: Mon, 12 Oct 2037 00:00:00 GMT
x-amz-version-id: XznGykigb3P.S52AHeaEfBGVxTm8WTOF
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=c860698a6568e07e&ck=0&m=2
91.235.133.113200 OK 81 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=c860698a6568e07e&ck=0&m=2
IP 91.235.133.113:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=c860698a6568e07e&ck=0&m=2 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=fc4456433d22f4df1679accef07923c1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:52:35 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
imgs.signifyd.com/fp/check.js;CIS3SID=FF867F7796FE619BBD4559A526FECACC?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=c860698a6568e07e&jb=3d322e266a716f753d4c6b667f722c68716f3546616677702c6a7b607d3f4c617a656e6f78246a73623d4461786f6c6d7a253a3a393837
91.235.133.113200 OK 43 kB URL HTTP/1.1 imgs.signifyd.com/fp/check.js;CIS3SID=FF867F7796FE619BBD4559A526FECACC?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=c860698a6568e07e&jb=3d322e266a716f753d4c6b667f722c68716f3546616677702c6a7b607d3f4c617a656e6f78246a73623d4461786f6c6d7a253a3a393837
IP 91.235.133.113:0
File type ASCII text, with very long lines (8659)
Hash c8e701369072798ce2b6e1aff0a95afd
7f3ca2d5c7769087fcbb85be42e3686bd15adeb2
d07ff4582b9e8ce2efe1a9fc0f7770bfd61309521a79eff66049107412368fa6
GET /fp/check.js;CIS3SID=FF867F7796FE619BBD4559A526FECACC?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=c860698a6568e07e&jb=3d322e266a716f753d4c6b667f722c68716f3546616677702c6a7b607d3f4c617a656e6f78246a73623d4461786f6c6d7a253a3a393837 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=fc4456433d22f4df1679accef07923c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:52:35 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: c860698a6568e07e
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked
imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=c860698a6568e07e&ck=0&m=1
91.235.133.113200 OK 81 B URL HTTP/1.1 imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=c860698a6568e07e&ck=0&m=1
IP 91.235.133.113:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png?org_id=w2txo5aa&session_id=919042154drinkorgainmyshopifycom&nonce=c860698a6568e07e&ck=0&m=1 HTTP/1.1
Host: imgs.signifyd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://orgain.com/
Cookie: thx_guid=fc4456433d22f4df1679accef07923c1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 15:52:35 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 642 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash f1949c900f6487036d76d2d1b61f2cb7
0af1ac21094175d788b2be8ebda92cfc1484bf47
36485cd7aca0ef1752f3ea21b73c3777e2badea70459db561ef6ac12c0688bd6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143162
Date: Thu, 26 Jan 2023 15:52:35 GMT
Etag: "63d215af-1d7"
Expires: Sat, 28 Jan 2023 07:38:37 GMT
Last-Modified: Thu, 26 Jan 2023 05:54:55 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JV42HE_GjZqwk_syofMnQ4nKYhlLyM5FaI38qgF8QnJcppcPlVQL2w==
Age: 6223
delivery.shopifyapps.com/assets/checkout/script.js?shop=drink-orgain.myshopify.com
185.146.173.20200 OK 0 B URL HTTP/2 delivery.shopifyapps.com/assets/checkout/script.js?shop=drink-orgain.myshopify.com
IP 185.146.173.20:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /assets/checkout/script.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: delivery.shopifyapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
cache-control: public, must-revalidate
etag: W/"44bcde3ebc25f9fa4a1812104bc9bca9f5473110e4c379a14c9fe0eecc1caae8"
x-request-id: 864b6e9a-0bcf-46f4-8207-f478da2bee12
x-runtime: 0.002387
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j849pinvWP%2FrTYwqp177vHjBIFns8RaZbDaU0dQjg83qSOgKDT06hllCa%2FKOA1LKtuN0IfgMeWegmYuKn%2FhSEvW34ssiZ1zoQaYRUc%2FXb10fmg93OsbhhfC5zrzEnvDkUS5JDgYcFm1DIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: processing;dur=3, socket_queue;dur=2.827, cfRequestDuration;dur=291.000128
server: cloudflare
cf-ray: 78fa6aa25dcbb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.shop.pe/app/datapartners/status?usersite_id=6177068293f3c3408b6854a9
35.227.244.1200 OK 0 B URL HTTP/2 app.shop.pe/app/datapartners/status?usersite_id=6177068293f3c3408b6854a9
IP 35.227.244.1:0
GET /app/datapartners/status?usersite_id=6177068293f3c3408b6854a9 HTTP/1.1
Host: app.shop.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/json; charset=UTF-8
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
set-cookie: _xsrf=2|86c0037b|ff1791831fa2cc74b7057fc51c188525|1674748355; Path=/
etag: W/"d48adb817df76a0be528e77b4fc4b708c8c46f73"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
access-control-allow-credentials: true
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widgets.automizely.com/aftership/mobile-booster.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com
104.19.169.102200 OK 0 B URL HTTP/2 widgets.automizely.com/aftership/mobile-booster.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com
IP 104.19.169.102:0
GET /aftership/mobile-booster.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com HTTP/1.1
Host: widgets.automizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: RhZhtTOlMm1C+B3Vp/+km0HrNEOq0Aoj6+SGrzv9QEHdsTR5QSCgJrQBxgtZEKci4EVyXujssh8=
x-amz-request-id: BS70FVACV43KGKY0
cache-control: public, no-cache
x-amz-meta-x-frame-options: deny
last-modified: Fri, 30 Dec 2022 08:03:10 GMT
etag: W/"814a77c1d853089f232466daaa15cfbc"
cf-cache-status: MISS
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78fa6aa18a23b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
delivery.shopifyapps.com/checkout/check_order?callback=jQuery36105678273325882018_1674748355179&shop=drink-orgain.myshopify.com&checkout_token=edde107a12f5f0a75e83bcb11d204b16&_=1674748355180
185.146.173.20200 OK 0 B URL HTTP/2 delivery.shopifyapps.com/checkout/check_order?callback=jQuery36105678273325882018_1674748355179&shop=drink-orgain.myshopify.com&checkout_token=edde107a12f5f0a75e83bcb11d204b16&_=1674748355180
IP 185.146.173.20:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /checkout/check_order?callback=jQuery36105678273325882018_1674748355179&shop=drink-orgain.myshopify.com&checkout_token=edde107a12f5f0a75e83bcb11d204b16&_=1674748355180 HTTP/1.1
Host: delivery.shopifyapps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
p3p: CP="Shopify does not support P3P."
etag: W/"e72fdbdedf94f4d17d27620518a5ba34"
cache-control: max-age=0, private, must-revalidate
x-request-id: e3f1fcca-9f96-4c76-8038-64e13815fc5a
x-runtime: 0.568208
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4bw%2FG8rEfrS%2Byp8WZ8yAHF%2BeEUoSneJUwbxgMC24Y7zWdCHIORTX5QBWqy709noYBfRj%2FXL1DHFwk8QngMkNuIOwBOB%2BiNYSmoUdMJ4GtxkocN8M8HA7KcSavB73LYIi9udbwPCHLoDlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: processing;dur=569, socket_queue;dur=2.741, util;dur=0.125, cfRequestDuration;dur=722.999811
server: cloudflare
cf-ray: 78fa6aa44871b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc
23.227.38.32200 OK 0 B URL HTTP/2 orgain.com/7408320621/orders/6e4a4a183201fc46f1496c922f543fbc
IP 23.227.38.32:0
GET /7408320621/orders/6e4a4a183201fc46f1496c922f543fbc HTTP/1.1
Host: orgain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: order=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVV5TXpFMlpEUTNZVGxtTjJOa09UVmtNalV5T1dZME1HWXpOV1ZpTUdSbFpBWTZCa1ZVIiwiZXhwIjoiMjAyMy0wMi0xNlQxNTo1MjoyNy40NTJaIiwicHVyIjoiY29va2llLm9yZGVyIn19--703328c7038b120566c622a0e3f735ef95ba4bb1; _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22USUSCA%22%2C%22sale_of_data_region%22%3Afalse%7D; _y=f556f08b-cd7e-4a17-a251-4eecf3ebbbcd; _s=07891a9c-32a5-4035-809c-e8d5ff1382f1; _shopify_y=f556f08b-cd7e-4a17-a251-4eecf3ebbbcd; _shopify_s=07891a9c-32a5-4035-809c-e8d5ff1382f1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:28 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 108
x-sorting-hat-shopid: 7408320621
vary: Accept-Encoding
x-frame-options: DENY
x-shopid: 7408320621
x-shardid: 108
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en-US
cache-control: no-cache
strict-transport-security: max-age=7889238
set-cookie: _cmp_a=%7B%22purposes%22%3A%7B%22a%22%3Atrue%2C%22p%22%3Atrue%2C%22m%22%3Atrue%2C%22t%22%3Atrue%7D%2C%22display_banner%22%3Afalse%2C%22merchant_geo%22%3A%22USUSCA%22%2C%22sale_of_data_region%22%3Afalse%7D; domain=orgain.com; path=/; expires=Fri, 27 Jan 2023 15:52:28 GMT; SameSite=Lax
_orig_referrer=; Expires=Thu, 09-Feb-23 15:52:28 GMT; Domain=orgain.com; Path=/; HttpOnly; SameSite=Lax
_landing_page=%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc; Expires=Thu, 09-Feb-23 15:52:28 GMT; Domain=orgain.com; Path=/; HttpOnly; SameSite=Lax
_y=f556f08b-cd7e-4a17-a251-4eecf3ebbbcd; Expires=Fri, 26-Jan-24 15:52:28 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_s=07891a9c-32a5-4035-809c-e8d5ff1382f1; Expires=Thu, 26-Jan-23 16:22:28 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_y=f556f08b-cd7e-4a17-a251-4eecf3ebbbcd; Expires=Fri, 26-Jan-24 15:52:28 GMT; Domain=orgain.com; Path=/; SameSite=Lax
_shopify_s=07891a9c-32a5-4035-809c-e8d5ff1382f1; Expires=Thu, 26-Jan-23 16:22:28 GMT; Domain=orgain.com; Path=/; SameSite=Lax
x-shopify-stage: production
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=b92321b4-e7bf-4321-8802-c895607315cc
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=7408320621&source%5Buuid%5D=b92321b4-e7bf-4321-8802-c895607315cc
x-dc: gcp-europe-north1,gcp-us-east1,gcp-us-east1
x-request-id: b92321b4-e7bf-4321-8802-c895607315cc
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2QMYyXzGCpNk0DtFK4rw3LyHZOlt7BHk%2BLlhTtok3xYPFwW52LVNmoVcAHigeNDVq7YPxN%2FJBAbiHDc9S28Z6YAoczrovl4LRbTVv614pGdWIAtNdz3tu81tO0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=1067.999840
server: cloudflare
cf-ray: 78fa6a748ff40b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.automizely.com/aftership/gmv.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com
104.19.169.102200 OK 0 B URL HTTP/2 widgets.automizely.com/aftership/gmv.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com
IP 104.19.169.102:0
GET /aftership/gmv.js?organization_id=49df574b791b4a67a447b7639aba8b35&shop=drink-orgain.myshopify.com HTTP/1.1
Host: widgets.automizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:34 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: bYcyAh/Jj1vIQOQwmtGTkmISI5RR5dtE5guOKJyW2XuIhUjSavfz843D062ohyCnppUJDUmg3cc=
x-amz-request-id: 8MQKBVB5NKH75478
x-amz-meta-x-frame-options: deny
last-modified: Fri, 30 Dec 2022 08:03:10 GMT
etag: W/"a0629c9eea780e8f21ab0bdb2518e3e7"
cf-cache-status: HIT
age: 892
expires: Thu, 26 Jan 2023 19:52:34 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78fa6aa1aa4cb50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
searchserverapi.com/widgets/shopify/init.js?a=8c4z7q4s3y&shop=drink-orgain.myshopify.com
66.85.136.101200 OK 0 B URL HTTP/2 searchserverapi.com/widgets/shopify/init.js?a=8c4z7q4s3y&shop=drink-orgain.myshopify.com
IP 66.85.136.101:0
GET /widgets/shopify/init.js?a=8c4z7q4s3y&shop=drink-orgain.myshopify.com HTTP/1.1
Host: searchserverapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/x-javascript
last-modified: Tue, 24 Jan 2023 12:01:11 GMT
etag: W/"63cfc887-1b08"
expires: Thu, 26 Jan 2023 15:52:34 GMT
cache-control: no-cache
access-control-allow-origin: *
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-widget-assets.yotpo.com/widget-checkout-redemptions/app.v0.2.78-3934.js
95.101.97.70200 OK 0 B URL HTTP/2 cdn-widget-assets.yotpo.com/widget-checkout-redemptions/app.v0.2.78-3934.js
IP 95.101.97.70:0
GET /widget-checkout-redemptions/app.v0.2.78-3934.js HTTP/1.1
Host: cdn-widget-assets.yotpo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: PMuiXCy46GaZZefAUeaWOKQ8WsQJn+bCpsMvQ9K93LvC0vVL4lfuc6WN00yM9JI5WnDUUBXc9n4=
x-amz-request-id: E7T6WY4M2AGFKP31
last-modified: Thu, 19 Jan 2023 10:28:07 GMT
etag: "4ce35a53ff92ec72758044bae810bb95"
x-amz-meta-s3cmd-attrs: atime:1674124085/ctime:1674124085/gid:117/gname:jenkins/md5:4ce35a53ff92ec72758044bae810bb95/mode:33188/mtime:1674124085/uid:110/uname:jenkins
x-amz-version-id: 8eYLQCurZzhS_6fKhCijpSx3BBQ5pEWx
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=30918849
date: Thu, 26 Jan 2023 15:52:33 GMT
X-Firefox-Spdy: h2
www.cloudflare.com/cdn-cgi/trace
104.16.124.96200 OK 0 B URL HTTP/2 www.cloudflare.com/cdn-cgi/trace
IP 104.16.124.96:0
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 78fa6aa49f06b4fd-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
instafeed.nfcube.com/cdn/124b32db23395a97eba035767d918317.js?shop=drink-orgain.myshopify.com
104.26.7.155200 OK 0 B URL HTTP/2 instafeed.nfcube.com/cdn/124b32db23395a97eba035767d918317.js?shop=drink-orgain.myshopify.com
IP 104.26.7.155:0
GET /cdn/124b32db23395a97eba035767d918317.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: instafeed.nfcube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/javascript
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-bgj: minify
cf-polished: origSize=19872
etag: W/"6269c6e5-4da0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 27 Apr 2022 22:42:45 GMT
pragma: public
vary: Accept-Encoding
x-rule: cdn migration
cf-cache-status: HIT
age: 48155
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6v8%2BPxVwD9uqT9ZBbsp%2F2wENp8gTlPOnp2zLW%2BAXg3%2F7bYLkYcR1y9b36yMYGfEbiVuzqrxg%2F7O1wNwjm5q3kPNAjbO33fYmHOmekW0ybmV%2Bhr0RrXGxF4MdIhskatJO0A6gy6rf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78fa6aa2cba20afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
instafeed.nfcube.com/cdn/instafeed-4.7.6.css
104.26.7.155200 OK 0 B URL HTTP/2 instafeed.nfcube.com/cdn/instafeed-4.7.6.css
IP 104.26.7.155:0
GET /cdn/instafeed-4.7.6.css HTTP/1.1
Host: instafeed.nfcube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: text/css
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-bgj: minify
etag: W/"6272756d-2c28"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 04 May 2022 12:45:33 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 580949
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8B0T5YdruryZwlGE1xVfV%2FGHSsdpM37KXjQIJ6nEbdtwUhKqbsxc6BLcXg3qE%2BWKJFu8%2BWYxJmrDfRXdCZtBIPh3gO5ZZw4mfOvNv%2BRH4k0MJzKp6vGfuyoxWhhfgAIsEH7jqkuB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78fa6aa32c170afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sdks.automizely-analytics.com/analytics/v1/dc.js
172.64.160.25200 OK 0 B URL HTTP/2 sdks.automizely-analytics.com/analytics/v1/dc.js
IP 172.64.160.25:0
GET /analytics/v1/dc.js HTTP/1.1
Host: sdks.automizely-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: /Z4RCvuA5LyoJGTBaOP4J5/Hdlcd5oUYk1iWLzpYYB5R3mr64jeFMeoLbyBTG3ddmzY8A9Z6f5A=
x-amz-request-id: 0JZW3W9DW7MCAYTY
cache-control: public, max-age=14400
last-modified: Fri, 14 Oct 2022 07:26:21 GMT
etag: W/"d07f68d3dbe0be573d011a72f8eb1dd6"
cf-cache-status: HIT
age: 39
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVBbE2Pi4nk0LZuYBCfAnwzFJyUctnc1ORdp7F%2FV9SaZEnuJdM8%2BV8T8HXAmM3VUCScke%2FM4gnwNFv5JO8YefComJRgqyAegkRFGnemo3elS2c2v4n%2Bujqf4cM4eLSzFh5XdxF0kLPBuFUGIdHJocQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fa6aa3098571f0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.jst.ai/ajax/account_version_check.html?id=2A7394E0-7C1C-4D62-B8A3-9C3D438885B6
104.17.202.53200 OK 0 B URL HTTP/2 my.jst.ai/ajax/account_version_check.html?id=2A7394E0-7C1C-4D62-B8A3-9C3D438885B6
IP 104.17.202.53:0
GET /ajax/account_version_check.html?id=2A7394E0-7C1C-4D62-B8A3-9C3D438885B6 HTTP/1.1
Host: my.jst.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/json
cache-control: public, max-age=30
last-modified: Thu, 26 Jan 2023 07:52:35 PST
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
cf-cache-status: EXPIRED
expires: Thu, 26 Jan 2023 15:53:05 GMT
set-cookie: __cflb=04dToS6decDvtn94xCdmQthrL5q991Kcz86o8oQW1b; SameSite=None; Secure; path=/; expires=Thu, 26-Jan-23 16:22:35 GMT; HttpOnly
server: cloudflare
cf-ray: 78fa6aa3ebf90b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.automizely.com/aftership/download_app_card.html
104.19.169.102200 OK 0 B URL HTTP/2 widgets.automizely.com/aftership/download_app_card.html
IP 104.19.169.102:0
GET /aftership/download_app_card.html HTTP/1.1
Host: widgets.automizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: text/html; charset=utf-8
x-amz-id-2: 3PAULGugDOx2qbQfRsYx2qlD47b1vqKyhB/qhPhqv8IVrcWflkFz208V+jfTkPzYjlOsuPYYR5Q=
x-amz-request-id: BS75076VE6WCFG6B
cache-control: public, no-cache
x-amz-meta-x-frame-options: deny
last-modified: Fri, 30 Dec 2022 08:03:10 GMT
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 78fa6aa6b904b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
sc-static.net/js-sha256-v1.min.js
54.230.82.240200 OK 0 B URL HTTP/2 sc-static.net/js-sha256-v1.min.js
IP 54.230.82.240:0
GET /js-sha256-v1.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 25 Jan 2023 21:28:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: Content-Type
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
cache-control: public, s-maxage=86400, max-age=600
server: AmazonS3
content-encoding: gzip
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N3xaHfETD5aHr5aSnkeCCynq4-OpFknq-bt_-RKzelH3n5VKO3lzpg==
age: 66260
X-Firefox-Spdy: h2
tr.snapchat.com/config/com/18ab9ee3-5df9-4c59-91b0-f8899457ea4b.json
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/config/com/18ab9ee3-5df9-4c59-91b0-f8899457ea4b.json
IP 35.190.43.134:0
GET /config/com/18ab9ee3-5df9-4c59-91b0-f8899457ea4b.json HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:31 GMT
access-control-allow-origin: https://orgain.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1655794/domain/orgain.com/token
54.230.111.42200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1655794/domain/orgain.com/token
IP 54.230.111.42:0
GET /partner/1655794/domain/orgain.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Origin: https://orgain.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Thu, 26 Jan 2023 15:28:19 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sm5-hfQOHE5KzAw0x3dSYHkfPCgXVbvywrF9JKWbB_jKt4Jylz0NpQ==
age: 1452
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=uhh1hk6&ref=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&upid=sml8w9s&upv=1.1.0
15.197.193.217200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=uhh1hk6&ref=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&upid=sml8w9s&upv=1.1.0
IP 15.197.193.217:0
GET /track/up?adv=uhh1hk6&ref=https%3A%2F%2Forgain.com%2F7408320621%2Forders%2F6e4a4a183201fc46f1496c922f543fbc&upid=sml8w9s&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:34 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
cdn.jst.ai/vck-shopify.js
104.17.203.53200 OK 0 B URL HTTP/2 cdn.jst.ai/vck-shopify.js
IP 104.17.203.53:0
GET /vck-shopify.js HTTP/1.1
Host: cdn.jst.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/javascript
access-control-max-age: 3000
cache-control: public, max-age=700000
cf-bgj: minify
cf-polished: origSize=10925
etag: W/"259ddac425e70184b1c9890febcb1a48"
last-modified: Tue, 18 Jan 2022 22:56:21 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-77-cache: HIT
x-77-nzt: AblMCQ3tUfz/vHAGAA
x-77-nzt-ray: c0a4cc28753708ee96b4986319612d13
x-77-pop: stockholmSE
x-age: 422076
x-cache: HIT
x-amz-id-2: pVXGOrNpvK3oKKQf9k2gIw53NNyCQNsaHHRyMTaexA2qruDigYA+SZvRpyFtH7bIdWOiwLjjoi0=
x-amz-request-id: KXR8K7DSJB72E4FE
x-amz-version-id: mkHVrKu9..67dXu1ksQk643SRpaI.rtc
cf-cache-status: HIT
age: 296171
expires: Fri, 03 Feb 2023 18:19:15 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cloudflare
cf-ray: 78fa6aa2c970b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
easyredirects.esc-apps-cdn.com/redirect-app.js?shop=drink-orgain.myshopify.com
172.64.139.20200 OK 0 B URL HTTP/2 easyredirects.esc-apps-cdn.com/redirect-app.js?shop=drink-orgain.myshopify.com
IP 172.64.139.20:0
GET /redirect-app.js?shop=drink-orgain.myshopify.com HTTP/1.1
Host: easyredirects.esc-apps-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:35 GMT
content-type: application/javascript
cf-bgj: minify
age: 2240
etag: W/"9643234c1fa77f5a0767132cdbd8bd1a"
last-modified: Thu, 10 Mar 2022 10:52:17 GMT
vary: Accept-Encoding
via: 1.1 a3b3b04524e1472771e3b8ea32f51618.cloudfront.net (CloudFront)
x-amz-cf-id: blmgKJYrLaL33DYKIKrDvc-1dlKq7SM0V438Pn4GA7uTpc7KQIzeCw==
x-amz-cf-pop: LHR3-C1
x-cache: Hit from cloudfront
cache-control: max-age=3600
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uiIIarWAcyNCqhzBkIGCexaC1pAW5Cmpkk4qpa%2B%2BYOjAz7BiDGM0%2FrI9GoZaglVRrMfoi5oaJAhwNpTZp7nlHHrZR7cJoK%2Fiy1G6Bz4RAVikzgUSBdoFY5LjgBGmidcRTlxPTGfXUFaauENZkT%2B%2B3g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fa6aa2cef624ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tinyurl.com/hgdsuhu
104.20.139.65301 Moved Permanently 0 B IP 104.20.139.65:0
GET /hgdsuhu HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orgain.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 26 Jan 2023 15:52:29 GMT
content-type: text/html; charset=UTF-8
location: https://s3-us-west-2.amazonaws.com/addressvalidator/pobox_checker.js
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78fa6a7c988db50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-Bold.woff2
23.227.60.200200 OK 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-Bold.woff2
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /s/files/1/0074/0832/0621/t/665/assets/Montserrat-Bold.woff2 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://orgain.com
Connection: keep-alive
Referer: https://cdn.shopify.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 15:52:30 GMT
content-type: font/woff2
content-length: 65396
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0074/0832/0621/t/665/assets/Montserrat-Bold.woff2>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 3e6ad6f7-a17e-4fd7-81bc-190c659e9557
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Wed, 11 Jan 2023 20:49:21 GMT
cf-cache-status: HIT
age: 48158
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qf7jXjT7DXqmN2kh6R0Ii5KPkLuyNBZGm4sac5rqLcF7JFOuj1SJKkb5MPqXL7FkImXiG86JkGEazGkvA35S1BYGHAq8D%2FIHnoQ8UKNXOOL5aKheJi27fl%2FPdFO3L5sdgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server-timing: imagery;dur=508.014, imageryFetch;dur=507.727, cfRequestDuration;dur=18.999815
server: cloudflare
cf-ray: 78fa6a85cd02b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2